suse-su-2025:02852-1
Vulnerability from csaf_suse
Published
2025-08-18 15:58
Modified
2025-08-18 15:58
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).
- CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104).
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217).
- CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037).
- CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186).
- CVE-2025-38289: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1246287).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437).
- CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314).
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349).
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
The following non-security bugs were fixed:
- Revert 'hugetlb: unshare some PMDs when splitting VMAs' (bsc#1245431).
- Revert 'mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race'
- Revert 'mm/hugetlb: unshare page tables during VMA split, not before'
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (bsc#1244523).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480 bsc#1246555).
Patchnames
SUSE-2025-2852,SUSE-SLE-Micro-5.5-2025-2852
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).\n- CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104).\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217).\n- CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000).\n- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).\n- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).\n- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).\n- CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037).\n- CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186).\n- CVE-2025-38289: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1246287).\n- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).\n- CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437).\n- CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314).\n- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349).\n- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348).\n- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).\n\nThe following non-security bugs were fixed:\n\n- Revert \u0027hugetlb: unshare some PMDs when splitting VMAs\u0027 (bsc#1245431).\n- Revert \u0027mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race\u0027 \n- Revert \u0027mm/hugetlb: unshare page tables during VMA split, not before\u0027 \n- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (bsc#1244523).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480 bsc#1246555).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2852,SUSE-SLE-Micro-5.5-2025-2852",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02852-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02852-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502852-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02852-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041256.html"
},
{
"category": "self",
"summary": "SUSE Bug 1206051",
"url": "https://bugzilla.suse.com/1206051"
},
{
"category": "self",
"summary": "SUSE Bug 1221829",
"url": "https://bugzilla.suse.com/1221829"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234863",
"url": "https://bugzilla.suse.com/1234863"
},
{
"category": "self",
"summary": "SUSE Bug 1236104",
"url": "https://bugzilla.suse.com/1236104"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1238160",
"url": "https://bugzilla.suse.com/1238160"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244523",
"url": "https://bugzilla.suse.com/1244523"
},
{
"category": "self",
"summary": "SUSE Bug 1245217",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245506",
"url": "https://bugzilla.suse.com/1245506"
},
{
"category": "self",
"summary": "SUSE Bug 1245711",
"url": "https://bugzilla.suse.com/1245711"
},
{
"category": "self",
"summary": "SUSE Bug 1245986",
"url": "https://bugzilla.suse.com/1245986"
},
{
"category": "self",
"summary": "SUSE Bug 1246000",
"url": "https://bugzilla.suse.com/1246000"
},
{
"category": "self",
"summary": "SUSE Bug 1246029",
"url": "https://bugzilla.suse.com/1246029"
},
{
"category": "self",
"summary": "SUSE Bug 1246037",
"url": "https://bugzilla.suse.com/1246037"
},
{
"category": "self",
"summary": "SUSE Bug 1246045",
"url": "https://bugzilla.suse.com/1246045"
},
{
"category": "self",
"summary": "SUSE Bug 1246073",
"url": "https://bugzilla.suse.com/1246073"
},
{
"category": "self",
"summary": "SUSE Bug 1246186",
"url": "https://bugzilla.suse.com/1246186"
},
{
"category": "self",
"summary": "SUSE Bug 1246287",
"url": "https://bugzilla.suse.com/1246287"
},
{
"category": "self",
"summary": "SUSE Bug 1246555",
"url": "https://bugzilla.suse.com/1246555"
},
{
"category": "self",
"summary": "SUSE Bug 1246781",
"url": "https://bugzilla.suse.com/1246781"
},
{
"category": "self",
"summary": "SUSE Bug 1247314",
"url": "https://bugzilla.suse.com/1247314"
},
{
"category": "self",
"summary": "SUSE Bug 1247347",
"url": "https://bugzilla.suse.com/1247347"
},
{
"category": "self",
"summary": "SUSE Bug 1247348",
"url": "https://bugzilla.suse.com/1247348"
},
{
"category": "self",
"summary": "SUSE Bug 1247349",
"url": "https://bugzilla.suse.com/1247349"
},
{
"category": "self",
"summary": "SUSE Bug 1247437",
"url": "https://bugzilla.suse.com/1247437"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49138 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49770 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52923 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26643 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53164 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38177 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38200 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38206 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38212 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38213 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38257 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38289 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38350 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38477 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38494 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38495 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38497 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38497/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-08-18T15:58:13Z",
"generator": {
"date": "2025-08-18T15:58:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02852-1",
"initial_release_date": "2025-08-18T15:58:13Z",
"revision_history": [
{
"date": "2025-08-18T15:58:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"product_id": "kernel-devel-rt-5.14.21-150500.13.103.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150500.13.103.2.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150500.13.103.2.noarch",
"product_id": "kernel-source-rt-5.14.21-150500.13.103.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt-vdso-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt-vdso-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.103.2.x86_64",
"product_id": "kernel-rt_debug-vdso-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150500.13.103.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150500.13.103.2.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150500.13.103.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.14.21-150500.13.103.2.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch"
},
"product_reference": "kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.103.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.103.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.103.2.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.103.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Ignore multiple conn complete events\n\nWhen one of the three connection complete events is received multiple\ntimes for the same handle, the device is registered multiple times which\nleads to memory corruptions. Therefore, consequent events for a single\nconnection are ignored.\n\nThe conn-\u003estate can hold different values, therefore HCI_CONN_HANDLE_UNSET\nis introduced to identify new connections. To make sure the events do not\ncontain this or another invalid handle HCI_CONN_HANDLE_MAX and checks\nare introduced.\n\nBuglink: https://bugzilla.kernel.org/show_bug.cgi?id=215497",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49138",
"url": "https://www.suse.com/security/cve/CVE-2022-49138"
},
{
"category": "external",
"summary": "SUSE Bug 1238160 for CVE-2022-49138",
"url": "https://bugzilla.suse.com/1238160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-49138"
},
{
"cve": "CVE-2022-49770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: avoid putting the realm twice when decoding snaps fails\n\nWhen decoding the snaps fails it maybe leaving the \u0027first_realm\u0027\nand \u0027realm\u0027 pointing to the same snaprealm memory. And then it\u0027ll\nput it twice and could cause random use-after-free, BUG_ON, etc\nissues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49770",
"url": "https://www.suse.com/security/cve/CVE-2022-49770"
},
{
"category": "external",
"summary": "SUSE Bug 1242597 for CVE-2022-49770",
"url": "https://bugzilla.suse.com/1242597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-49770"
},
{
"cve": "CVE-2023-52923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: adapt set backend to use GC transaction API\n\nUse the GC transaction API to replace the old and buggy gc API and the\nbusy mark approach.\n\nNo set elements are removed from async garbage collection anymore,\ninstead the _DEAD bit is set on so the set element is not visible from\nlookup path anymore. Async GC enqueues transaction work that might be\naborted and retried later.\n\nrbtree and pipapo set backends does not set on the _DEAD bit from the\nsync GC path since this runs in control plane path where mutex is held.\nIn this case, set elements are deactivated, removed and then released\nvia RCU callback, sync GC never fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52923",
"url": "https://www.suse.com/security/cve/CVE-2023-52923"
},
{
"category": "external",
"summary": "SUSE Bug 1236104 for CVE-2023-52923",
"url": "https://bugzilla.suse.com/1236104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-52923"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout\n\nWhile the rhashtable set gc runs asynchronously, a race allows it to\ncollect elements from anonymous sets with timeouts while it is being\nreleased from the commit path.\n\nMingi Cho originally reported this issue in a different path in 6.1.x\nwith a pipapo set with low timeouts which is not possible upstream since\n7395dfacfff6 (\"netfilter: nf_tables: use timestamp to check for set\nelement timeout\").\n\nFix this by setting on the dead flag for anonymous sets to skip async gc\nin this case.\n\nAccording to 08e4c8c5919f (\"netfilter: nf_tables: mark newset as dead on\ntransaction abort\"), Florian plans to accelerate abort path by releasing\nobjects via workqueue, therefore, this sets on the dead flag for abort\npath too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26643",
"url": "https://www.suse.com/security/cve/CVE-2024-26643"
},
{
"category": "external",
"summary": "SUSE Bug 1221829 for CVE-2024-26643",
"url": "https://bugzilla.suse.com/1221829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-26643"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53164"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ordering of qlen adjustment\n\nChanges to sch-\u003eq.qlen around qdisc_tree_reduce_backlog() need to happen\n_before_ a call to said function because otherwise it may fail to notify\nparent qdiscs when the child is about to become empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53164",
"url": "https://www.suse.com/security/cve/CVE-2024-53164"
},
{
"category": "external",
"summary": "SUSE Bug 1234863 for CVE-2024-53164",
"url": "https://bugzilla.suse.com/1234863"
},
{
"category": "external",
"summary": "SUSE Bug 1246019 for CVE-2024-53164",
"url": "https://bugzilla.suse.com/1246019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2024-53164"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap\n\nmemtrace mmap issue has an out of bounds issue. This patch fixes the by\nchecking that the requested mapping region size should stay within the\nallocated region size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38088",
"url": "https://www.suse.com/security/cve/CVE-2025-38088"
},
{
"category": "external",
"summary": "SUSE Bug 1245506 for CVE-2025-38088",
"url": "https://bugzilla.suse.com/1245506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38088"
},
{
"cve": "CVE-2025-38120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo_avx2: fix initial map fill\n\nIf the first field doesn\u0027t cover the entire start map, then we must zero\nout the remainder, else we leak those bits into the next match round map.\n\nThe early fix was incomplete and did only fix up the generic C\nimplementation.\n\nA followup patch adds a test case to nft_concat_range.sh.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38120",
"url": "https://www.suse.com/security/cve/CVE-2025-38120"
},
{
"category": "external",
"summary": "SUSE Bug 1245711 for CVE-2025-38120",
"url": "https://bugzilla.suse.com/1245711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38120"
},
{
"cve": "CVE-2025-38177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let\u0027s make it idempotent\nto ease qdisc_tree_reduce_backlog() callers\u0027 life:\n\n1. update_vf() decreases cl-\u003ecl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl-\u003eel_node, but we can use\n RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38177",
"url": "https://www.suse.com/security/cve/CVE-2025-38177"
},
{
"category": "external",
"summary": "SUSE Bug 1245986 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1245986"
},
{
"category": "external",
"summary": "SUSE Bug 1246356 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1246356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38177"
},
{
"cve": "CVE-2025-38181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: Fix null-ptr-deref in calipso_req_{set,del}attr().\n\nsyzkaller reported a null-ptr-deref in sock_omalloc() while allocating\na CALIPSO option. [0]\n\nThe NULL is of struct sock, which was fetched by sk_to_full_sk() in\ncalipso_req_setattr().\n\nSince commit a1a5344ddbe8 (\"tcp: avoid two atomic ops for syncookies\"),\nreqsk-\u003ersk_listener could be NULL when SYN Cookie is returned to its\nclient, as hinted by the leading SYN Cookie log.\n\nHere are 3 options to fix the bug:\n\n 1) Return 0 in calipso_req_setattr()\n 2) Return an error in calipso_req_setattr()\n 3) Alaways set rsk_listener\n\n1) is no go as it bypasses LSM, but 2) effectively disables SYN Cookie\nfor CALIPSO. 3) is also no go as there have been many efforts to reduce\natomic ops and make TCP robust against DDoS. See also commit 3b24d854cb35\n(\"tcp/dccp: do not touch listener sk_refcnt under synflood\").\n\nAs of the blamed commit, SYN Cookie already did not need refcounting,\nand no one has stumbled on the bug for 9 years, so no CALIPSO user will\ncare about SYN Cookie.\n\nLet\u0027s return an error in calipso_req_setattr() and calipso_req_delattr()\nin the SYN Cookie case.\n\nThis can be reproduced by [1] on Fedora and now connect() of nc times out.\n\n[0]:\nTCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 3 UID: 0 PID: 12262 Comm: syz.1.2611 Not tainted 6.14.0 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:read_pnet include/net/net_namespace.h:406 [inline]\nRIP: 0010:sock_net include/net/sock.h:655 [inline]\nRIP: 0010:sock_kmalloc+0x35/0x170 net/core/sock.c:2806\nCode: 89 d5 41 54 55 89 f5 53 48 89 fb e8 25 e3 c6 fd e8 f0 91 e3 00 48 8d 7b 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 26 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b\nRSP: 0018:ffff88811af89038 EFLAGS: 00010216\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888105266400\nRDX: 0000000000000006 RSI: ffff88800c890000 RDI: 0000000000000030\nRBP: 0000000000000050 R08: 0000000000000000 R09: ffff88810526640e\nR10: ffffed1020a4cc81 R11: ffff88810526640f R12: 0000000000000000\nR13: 0000000000000820 R14: ffff888105266400 R15: 0000000000000050\nFS: 00007f0653a07640(0000) GS:ffff88811af80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f863ba096f4 CR3: 00000000163c0005 CR4: 0000000000770ef0\nPKRU: 80000000\nCall Trace:\n \u003cIRQ\u003e\n ipv6_renew_options+0x279/0x950 net/ipv6/exthdrs.c:1288\n calipso_req_setattr+0x181/0x340 net/ipv6/calipso.c:1204\n calipso_req_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:597\n netlbl_req_setattr+0x18a/0x440 net/netlabel/netlabel_kapi.c:1249\n selinux_netlbl_inet_conn_request+0x1fb/0x320 security/selinux/netlabel.c:342\n selinux_inet_conn_request+0x1eb/0x2c0 security/selinux/hooks.c:5551\n security_inet_conn_request+0x50/0xa0 security/security.c:4945\n tcp_v6_route_req+0x22c/0x550 net/ipv6/tcp_ipv6.c:825\n tcp_conn_request+0xec8/0x2b70 net/ipv4/tcp_input.c:7275\n tcp_v6_conn_request+0x1e3/0x440 net/ipv6/tcp_ipv6.c:1328\n tcp_rcv_state_process+0xafa/0x52b0 net/ipv4/tcp_input.c:6781\n tcp_v6_do_rcv+0x8a6/0x1a40 net/ipv6/tcp_ipv6.c:1667\n tcp_v6_rcv+0x505e/0x5b50 net/ipv6/tcp_ipv6.c:1904\n ip6_protocol_deliver_rcu+0x17c/0x1da0 net/ipv6/ip6_input.c:436\n ip6_input_finish+0x103/0x180 net/ipv6/ip6_input.c:480\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n ip6_input+0x13c/0x6b0 net/ipv6/ip6_input.c:491\n dst_input include/net/dst.h:469 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n ip6_rcv_finish+0xb6/0x490 net/ipv6/ip6_input.c:69\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38181",
"url": "https://www.suse.com/security/cve/CVE-2025-38181"
},
{
"category": "external",
"summary": "SUSE Bug 1246000 for CVE-2025-38181",
"url": "https://bugzilla.suse.com/1246000"
},
{
"category": "external",
"summary": "SUSE Bug 1246001 for CVE-2025-38181",
"url": "https://bugzilla.suse.com/1246001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38181"
},
{
"cve": "CVE-2025-38200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix MMIO write access to an invalid page in i40e_clear_hw\n\nWhen the device sends a specific input, an integer underflow can occur, leading\nto MMIO write access to an invalid page.\n\nPrevent the integer underflow by changing the type of related variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38200",
"url": "https://www.suse.com/security/cve/CVE-2025-38200"
},
{
"category": "external",
"summary": "SUSE Bug 1246045 for CVE-2025-38200",
"url": "https://bugzilla.suse.com/1246045"
},
{
"category": "external",
"summary": "SUSE Bug 1246046 for CVE-2025-38200",
"url": "https://bugzilla.suse.com/1246046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38200"
},
{
"cve": "CVE-2025-38206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix double free in delayed_free\n\nThe double free could happen in the following path.\n\nexfat_create_upcase_table()\n exfat_create_upcase_table() : return error\n exfat_free_upcase_table() : free -\u003evol_utbl\n exfat_load_default_upcase_table : return error\n exfat_kill_sb()\n delayed_free()\n exfat_free_upcase_table() \u003c--------- double free\nThis patch set -\u003evol_util as NULL after freeing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38206",
"url": "https://www.suse.com/security/cve/CVE-2025-38206"
},
{
"category": "external",
"summary": "SUSE Bug 1246073 for CVE-2025-38206",
"url": "https://bugzilla.suse.com/1246073"
},
{
"category": "external",
"summary": "SUSE Bug 1246075 for CVE-2025-38206",
"url": "https://bugzilla.suse.com/1246075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38206"
},
{
"cve": "CVE-2025-38212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipc: fix to protect IPCS lookups using RCU\n\nsyzbot reported that it discovered a use-after-free vulnerability, [0]\n\n[0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/\n\nidr_for_each() is protected by rwsem, but this is not enough. If it is\nnot protected by RCU read-critical region, when idr_for_each() calls\nradix_tree_node_free() through call_rcu() to free the radix_tree_node\nstructure, the node will be freed immediately, and when reading the next\nnode in radix_tree_for_each_slot(), the already freed memory may be read.\n\nTherefore, we need to add code to make sure that idr_for_each() is\nprotected within the RCU read-critical region when we call it in\nshm_destroy_orphaned().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38212",
"url": "https://www.suse.com/security/cve/CVE-2025-38212"
},
{
"category": "external",
"summary": "SUSE Bug 1246029 for CVE-2025-38212",
"url": "https://bugzilla.suse.com/1246029"
},
{
"category": "external",
"summary": "SUSE Bug 1246030 for CVE-2025-38212",
"url": "https://bugzilla.suse.com/1246030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38212"
},
{
"cve": "CVE-2025-38213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38213"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38213",
"url": "https://www.suse.com/security/cve/CVE-2025-38213"
},
{
"category": "external",
"summary": "SUSE Bug 1246037 for CVE-2025-38213",
"url": "https://bugzilla.suse.com/1246037"
},
{
"category": "external",
"summary": "SUSE Bug 1246039 for CVE-2025-38213",
"url": "https://bugzilla.suse.com/1246039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38213"
},
{
"cve": "CVE-2025-38257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Prevent overflow in size calculation for memdup_user()\n\nNumber of apqn target list entries contained in \u0027nr_apqns\u0027 variable is\ndetermined by userspace via an ioctl call so the result of the product in\ncalculation of size passed to memdup_user() may overflow.\n\nIn this case the actual size of the allocated area and the value\ndescribing it won\u0027t be in sync leading to various types of unpredictable\nbehaviour later.\n\nUse a proper memdup_array_user() helper which returns an error if an\noverflow is detected. Note that it is different from when nr_apqns is\ninitially zero - that case is considered valid and should be handled in\nsubsequent pkey_handler implementations.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38257",
"url": "https://www.suse.com/security/cve/CVE-2025-38257"
},
{
"category": "external",
"summary": "SUSE Bug 1246186 for CVE-2025-38257",
"url": "https://bugzilla.suse.com/1246186"
},
{
"category": "external",
"summary": "SUSE Bug 1246189 for CVE-2025-38257",
"url": "https://bugzilla.suse.com/1246189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38257"
},
{
"cve": "CVE-2025-38289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk\n\nSmatch detected a potential use-after-free of an ndlp oject in\ndev_loss_tmo_callbk during driver unload or fatal error handling.\n\nFix by reordering code to avoid potential use-after-free if initial\nnodelist reference has been previously removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38289",
"url": "https://www.suse.com/security/cve/CVE-2025-38289"
},
{
"category": "external",
"summary": "SUSE Bug 1246287 for CVE-2025-38289",
"url": "https://bugzilla.suse.com/1246287"
},
{
"category": "external",
"summary": "SUSE Bug 1246288 for CVE-2025-38289",
"url": "https://bugzilla.suse.com/1246288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38289"
},
{
"cve": "CVE-2025-38350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38350"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Always pass notifications when child class becomes empty\n\nCertain classful qdiscs may invoke their classes\u0027 dequeue handler on an\nenqueue operation. This may unexpectedly empty the child qdisc and thus\nmake an in-flight class passive via qlen_notify(). Most qdiscs do not\nexpect such behaviour at this point in time and may re-activate the\nclass eventually anyways which will lead to a use-after-free.\n\nThe referenced fix commit attempted to fix this behavior for the HFSC\ncase by moving the backlog accounting around, though this turned out to\nbe incomplete since the parent\u0027s parent may run into the issue too.\nThe following reproducer demonstrates this use-after-free:\n\n tc qdisc add dev lo root handle 1: drr\n tc filter add dev lo parent 1: basic classid 1:1\n tc class add dev lo parent 1: classid 1:1 drr\n tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1\n tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0\n tc qdisc add dev lo parent 2:1 handle 3: netem\n tc qdisc add dev lo parent 3:1 handle 4: blackhole\n\n echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888\n tc class delete dev lo classid 1:1\n echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888\n\nSince backlog accounting issues leading to a use-after-frees on stale\nclass pointers is a recurring pattern at this point, this patch takes\na different approach. Instead of trying to fix the accounting, the patch\nensures that qdisc_tree_reduce_backlog always calls qlen_notify when\nthe child qdisc is empty. This solves the problem because deletion of\nqdiscs always involves a call to qdisc_reset() and / or\nqdisc_purge_queue() which ultimately resets its qlen to 0 thus causing\nthe following qdisc_tree_reduce_backlog() to report to the parent. Note\nthat this may call qlen_notify on passive classes multiple times. This\nis not a problem after the recent patch series that made all the\nclassful qdiscs qlen_notify() handlers idempotent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38350",
"url": "https://www.suse.com/security/cve/CVE-2025-38350"
},
{
"category": "external",
"summary": "SUSE Bug 1246781 for CVE-2025-38350",
"url": "https://bugzilla.suse.com/1246781"
},
{
"category": "external",
"summary": "SUSE Bug 1247043 for CVE-2025-38350",
"url": "https://bugzilla.suse.com/1247043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38350"
},
{
"cve": "CVE-2025-38468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree\n\nhtb_lookup_leaf has a BUG_ON that can trigger with the following:\n\ntc qdisc del dev lo root\ntc qdisc add dev lo root handle 1: htb default 1\ntc class add dev lo parent 1: classid 1:1 htb rate 64bit\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2:1 handle 3: blackhole\nping -I lo -c1 -W0.001 127.0.0.1\n\nThe root cause is the following:\n\n1. htb_dequeue calls htb_dequeue_tree which calls the dequeue handler on\n the selected leaf qdisc\n2. netem_dequeue calls enqueue on the child qdisc\n3. blackhole_enqueue drops the packet and returns a value that is not\n just NET_XMIT_SUCCESS\n4. Because of this, netem_dequeue calls qdisc_tree_reduce_backlog, and\n since qlen is now 0, it calls htb_qlen_notify -\u003e htb_deactivate -\u003e\n htb_deactiviate_prios -\u003e htb_remove_class_from_row -\u003e htb_safe_rb_erase\n5. As this is the only class in the selected hprio rbtree,\n __rb_change_child in __rb_erase_augmented sets the rb_root pointer to\n NULL\n6. Because blackhole_dequeue returns NULL, netem_dequeue returns NULL,\n which causes htb_dequeue_tree to call htb_lookup_leaf with the same\n hprio rbtree, and fail the BUG_ON\n\nThe function graph for this scenario is shown here:\n 0) | htb_enqueue() {\n 0) + 13.635 us | netem_enqueue();\n 0) 4.719 us | htb_activate_prios();\n 0) # 2249.199 us | }\n 0) | htb_dequeue() {\n 0) 2.355 us | htb_lookup_leaf();\n 0) | netem_dequeue() {\n 0) + 11.061 us | blackhole_enqueue();\n 0) | qdisc_tree_reduce_backlog() {\n 0) | qdisc_lookup_rcu() {\n 0) 1.873 us | qdisc_match_from_root();\n 0) 6.292 us | }\n 0) 1.894 us | htb_search();\n 0) | htb_qlen_notify() {\n 0) 2.655 us | htb_deactivate_prios();\n 0) 6.933 us | }\n 0) + 25.227 us | }\n 0) 1.983 us | blackhole_dequeue();\n 0) + 86.553 us | }\n 0) # 2932.761 us | qdisc_warn_nonwc();\n 0) | htb_lookup_leaf() {\n 0) | BUG_ON();\n ------------------------------------------\n\nThe full original bug report can be seen here [1].\n\nWe can fix this just by returning NULL instead of the BUG_ON,\nas htb_dequeue_tree returns NULL when htb_lookup_leaf returns\nNULL.\n\n[1] https://lore.kernel.org/netdev/pF5XOOIim0IuEfhI-SOxTgRvNoDwuux7UHKnE_Y5-zVd4wmGvNk2ceHjKb8ORnzw0cGwfmVu42g9dL7XyJLf1NEzaztboTWcm0Ogxuojoeo=@willsroot.io/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38468",
"url": "https://www.suse.com/security/cve/CVE-2025-38468"
},
{
"category": "external",
"summary": "SUSE Bug 1247437 for CVE-2025-38468",
"url": "https://bugzilla.suse.com/1247437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38468"
},
{
"cve": "CVE-2025-38477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\n\nA race condition can occur when \u0027agg\u0027 is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\n\nThis patch addresses the issue by:\n\n1. Moved qfq_destroy_class into the critical section.\n\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38477",
"url": "https://www.suse.com/security/cve/CVE-2025-38477"
},
{
"category": "external",
"summary": "SUSE Bug 1247314 for CVE-2025-38477",
"url": "https://bugzilla.suse.com/1247314"
},
{
"category": "external",
"summary": "SUSE Bug 1247315 for CVE-2025-38477",
"url": "https://bugzilla.suse.com/1247315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38477"
},
{
"cve": "CVE-2025-38494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38494",
"url": "https://www.suse.com/security/cve/CVE-2025-38494"
},
{
"category": "external",
"summary": "SUSE Bug 1247349 for CVE-2025-38494",
"url": "https://bugzilla.suse.com/1247349"
},
{
"category": "external",
"summary": "SUSE Bug 1247350 for CVE-2025-38494",
"url": "https://bugzilla.suse.com/1247350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38494"
},
{
"cve": "CVE-2025-38495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: ensure the allocated report buffer can contain the reserved report ID\n\nWhen the report ID is not used, the low level transport drivers expect\nthe first byte to be 0. However, currently the allocated buffer not\naccount for that extra byte, meaning that instead of having 8 guaranteed\nbytes for implement to be working, we only have 7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38495",
"url": "https://www.suse.com/security/cve/CVE-2025-38495"
},
{
"category": "external",
"summary": "SUSE Bug 1247348 for CVE-2025-38495",
"url": "https://bugzilla.suse.com/1247348"
},
{
"category": "external",
"summary": "SUSE Bug 1247351 for CVE-2025-38495",
"url": "https://bugzilla.suse.com/1247351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "important"
}
],
"title": "CVE-2025-38495"
},
{
"cve": "CVE-2025-38497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: configfs: Fix OOB read on empty string write\n\nWhen writing an empty string to either \u0027qw_sign\u0027 or \u0027landingPage\u0027\nsysfs attributes, the store functions attempt to access page[l - 1]\nbefore validating that the length \u0027l\u0027 is greater than zero.\n\nThis patch fixes the vulnerability by adding a check at the beginning\nof os_desc_qw_sign_store() and webusb_landingPage_store() to handle\nthe zero-length input case gracefully by returning immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38497",
"url": "https://www.suse.com/security/cve/CVE-2025-38497"
},
{
"category": "external",
"summary": "SUSE Bug 1247347 for CVE-2025-38497",
"url": "https://bugzilla.suse.com/1247347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.103.2.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.103.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.103.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-18T15:58:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-38497"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…