{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n\nThe following non-security bugs were fixed:\n\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- asoc: cs35l41: check the return value from spi_setup() (git-fixes).\n- asoc: ops: Consistently treat platform_max as control value (git-fixes).\n- asoc: rt722-sdca: add missing readable registers (git-fixes).\n- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- asoc: tas2764: Fix power control mask (stable-fixes).\n- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- asoc: tas2770: Fix volume scale (stable-fixes).\n- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca (\u0027dm verity: Fix IO priority lost when reading FEC and hash\u0027) is missing\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- documentation: qat: fix auto_reset attribute details (git-fixes).\n- documentation: qat: fix auto_reset section (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- hid: Enable playstation driver independently of sony driver (git-fixes).\n- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ib/mad: Check available slots before posting receive WRs (git-fixes)\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- init: add initramfs_internal.h (bsc#1232848).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- input: ads7846 - fix gpiod allocation (git-fixes).\n- input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- input: iqs7222 - preserve system status register (git-fixes).\n- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- input: xpad - add multiple supported devices (stable-fixes).\n- input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd \u0027bitmap: introduce generic optimized bitmap_size() (git-fixes)\u0027\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649). \n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251). \n- padata: fix sysfs store callback check (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- pci: Avoid reset when disabled via sysfs (git-fixes).\n- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- pci: brcmstb: Use internal register to change link capability (git-fixes).\n- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- pci/acs: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- pci/aspm: Fix link state exit during switch upstream function removal (git-fixes).\n- pci/doe: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- pci/doe: Support discovery version 2 (bsc#1237853)\n- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- pm: sleep: Adjust check before setting power.must_resume (git-fixes).\n- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). \n- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- rdma/hns: Fix missing xa_destroy() (git-fixes)\n- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)\n- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)\n- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)\n- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)\n- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- Reapply \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- Revert \u0027dm: requeue IO if mapping table not yet available\u0027 (git-fixes).\n- Revert \u0027drivers/card_reader/rtsx_usb: Restore interrupt based detection\u0027 (git-fixes).\n- Revert \u0027leds-pca955x: Remove the unused function pca95xx_num_led_regs()\u0027 (stable-fixes).\n- Revert \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- Revert \u0027wifi: ath11k: support hibernation\u0027 (bsc#1207948).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).\n- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd \u0027bitmap: introduce generic optimized bitmap_size() (git-fixes)\u0027\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- upstream: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host  (jsc#PED-10701).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: Do not issue Reset Device command to Etron xHCI host  (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-1178,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1178,SUSE-SLE-Module-RT-15-SP6-2025-1178,openSUSE-SLE-15.6-2025-1178",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1178-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:1178-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251178-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:1178-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020674.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1207948",
        "url": "https://bugzilla.suse.com/1207948"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1215199",
        "url": "https://bugzilla.suse.com/1215199"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1215211",
        "url": "https://bugzilla.suse.com/1215211"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1218470",
        "url": "https://bugzilla.suse.com/1218470"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221651",
        "url": "https://bugzilla.suse.com/1221651"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1222649",
        "url": "https://bugzilla.suse.com/1222649"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1223047",
        "url": "https://bugzilla.suse.com/1223047"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1224489",
        "url": "https://bugzilla.suse.com/1224489"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1224610",
        "url": "https://bugzilla.suse.com/1224610"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225533",
        "url": "https://bugzilla.suse.com/1225533"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225742",
        "url": "https://bugzilla.suse.com/1225742"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225770",
        "url": "https://bugzilla.suse.com/1225770"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226871",
        "url": "https://bugzilla.suse.com/1226871"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227858",
        "url": "https://bugzilla.suse.com/1227858"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1228653",
        "url": "https://bugzilla.suse.com/1228653"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229311",
        "url": "https://bugzilla.suse.com/1229311"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229361",
        "url": "https://bugzilla.suse.com/1229361"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230497",
        "url": "https://bugzilla.suse.com/1230497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230728",
        "url": "https://bugzilla.suse.com/1230728"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230769",
        "url": "https://bugzilla.suse.com/1230769"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230832",
        "url": "https://bugzilla.suse.com/1230832"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231293",
        "url": "https://bugzilla.suse.com/1231293"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231432",
        "url": "https://bugzilla.suse.com/1231432"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232364",
        "url": "https://bugzilla.suse.com/1232364"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232389",
        "url": "https://bugzilla.suse.com/1232389"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232421",
        "url": "https://bugzilla.suse.com/1232421"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232743",
        "url": "https://bugzilla.suse.com/1232743"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232812",
        "url": "https://bugzilla.suse.com/1232812"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232848",
        "url": "https://bugzilla.suse.com/1232848"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232895",
        "url": "https://bugzilla.suse.com/1232895"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233033",
        "url": "https://bugzilla.suse.com/1233033"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233060",
        "url": "https://bugzilla.suse.com/1233060"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233259",
        "url": "https://bugzilla.suse.com/1233259"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233260",
        "url": "https://bugzilla.suse.com/1233260"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233479",
        "url": "https://bugzilla.suse.com/1233479"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233551",
        "url": "https://bugzilla.suse.com/1233551"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233557",
        "url": "https://bugzilla.suse.com/1233557"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1233749",
        "url": "https://bugzilla.suse.com/1233749"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234222",
        "url": "https://bugzilla.suse.com/1234222"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234480",
        "url": "https://bugzilla.suse.com/1234480"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234828",
        "url": "https://bugzilla.suse.com/1234828"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234936",
        "url": "https://bugzilla.suse.com/1234936"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235436",
        "url": "https://bugzilla.suse.com/1235436"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235455",
        "url": "https://bugzilla.suse.com/1235455"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235501",
        "url": "https://bugzilla.suse.com/1235501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235524",
        "url": "https://bugzilla.suse.com/1235524"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235589",
        "url": "https://bugzilla.suse.com/1235589"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235591",
        "url": "https://bugzilla.suse.com/1235591"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235621",
        "url": "https://bugzilla.suse.com/1235621"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235637",
        "url": "https://bugzilla.suse.com/1235637"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235698",
        "url": "https://bugzilla.suse.com/1235698"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235711",
        "url": "https://bugzilla.suse.com/1235711"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235712",
        "url": "https://bugzilla.suse.com/1235712"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235715",
        "url": "https://bugzilla.suse.com/1235715"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235729",
        "url": "https://bugzilla.suse.com/1235729"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235733",
        "url": "https://bugzilla.suse.com/1235733"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235761",
        "url": "https://bugzilla.suse.com/1235761"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235870",
        "url": "https://bugzilla.suse.com/1235870"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235973",
        "url": "https://bugzilla.suse.com/1235973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236099",
        "url": "https://bugzilla.suse.com/1236099"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236111",
        "url": "https://bugzilla.suse.com/1236111"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236206",
        "url": "https://bugzilla.suse.com/1236206"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236333",
        "url": "https://bugzilla.suse.com/1236333"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1236692",
        "url": "https://bugzilla.suse.com/1236692"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237029",
        "url": "https://bugzilla.suse.com/1237029"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237164",
        "url": "https://bugzilla.suse.com/1237164"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237313",
        "url": "https://bugzilla.suse.com/1237313"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237530",
        "url": "https://bugzilla.suse.com/1237530"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237558",
        "url": "https://bugzilla.suse.com/1237558"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237562",
        "url": "https://bugzilla.suse.com/1237562"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237565",
        "url": "https://bugzilla.suse.com/1237565"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237571",
        "url": "https://bugzilla.suse.com/1237571"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237853",
        "url": "https://bugzilla.suse.com/1237853"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237856",
        "url": "https://bugzilla.suse.com/1237856"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237873",
        "url": "https://bugzilla.suse.com/1237873"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237875",
        "url": "https://bugzilla.suse.com/1237875"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237876",
        "url": "https://bugzilla.suse.com/1237876"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237877",
        "url": "https://bugzilla.suse.com/1237877"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237881",
        "url": "https://bugzilla.suse.com/1237881"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237885",
        "url": "https://bugzilla.suse.com/1237885"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237890",
        "url": "https://bugzilla.suse.com/1237890"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237894",
        "url": "https://bugzilla.suse.com/1237894"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237897",
        "url": "https://bugzilla.suse.com/1237897"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237900",
        "url": "https://bugzilla.suse.com/1237900"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237906",
        "url": "https://bugzilla.suse.com/1237906"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237907",
        "url": "https://bugzilla.suse.com/1237907"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237911",
        "url": "https://bugzilla.suse.com/1237911"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237912",
        "url": "https://bugzilla.suse.com/1237912"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1237950",
        "url": "https://bugzilla.suse.com/1237950"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238212",
        "url": "https://bugzilla.suse.com/1238212"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238474",
        "url": "https://bugzilla.suse.com/1238474"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238475",
        "url": "https://bugzilla.suse.com/1238475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238479",
        "url": "https://bugzilla.suse.com/1238479"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238494",
        "url": "https://bugzilla.suse.com/1238494"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238496",
        "url": "https://bugzilla.suse.com/1238496"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238497",
        "url": "https://bugzilla.suse.com/1238497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238500",
        "url": "https://bugzilla.suse.com/1238500"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238501",
        "url": "https://bugzilla.suse.com/1238501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238502",
        "url": "https://bugzilla.suse.com/1238502"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238503",
        "url": "https://bugzilla.suse.com/1238503"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238506",
        "url": "https://bugzilla.suse.com/1238506"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238507",
        "url": "https://bugzilla.suse.com/1238507"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238510",
        "url": "https://bugzilla.suse.com/1238510"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238511",
        "url": "https://bugzilla.suse.com/1238511"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238512",
        "url": "https://bugzilla.suse.com/1238512"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238521",
        "url": "https://bugzilla.suse.com/1238521"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238523",
        "url": "https://bugzilla.suse.com/1238523"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238526",
        "url": "https://bugzilla.suse.com/1238526"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238528",
        "url": "https://bugzilla.suse.com/1238528"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238529",
        "url": "https://bugzilla.suse.com/1238529"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238531",
        "url": "https://bugzilla.suse.com/1238531"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238532",
        "url": "https://bugzilla.suse.com/1238532"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238715",
        "url": "https://bugzilla.suse.com/1238715"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238716",
        "url": "https://bugzilla.suse.com/1238716"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238734",
        "url": "https://bugzilla.suse.com/1238734"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238735",
        "url": "https://bugzilla.suse.com/1238735"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238736",
        "url": "https://bugzilla.suse.com/1238736"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238738",
        "url": "https://bugzilla.suse.com/1238738"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238747",
        "url": "https://bugzilla.suse.com/1238747"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238754",
        "url": "https://bugzilla.suse.com/1238754"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238757",
        "url": "https://bugzilla.suse.com/1238757"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238760",
        "url": "https://bugzilla.suse.com/1238760"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238762",
        "url": "https://bugzilla.suse.com/1238762"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238763",
        "url": "https://bugzilla.suse.com/1238763"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238767",
        "url": "https://bugzilla.suse.com/1238767"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238768",
        "url": "https://bugzilla.suse.com/1238768"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238771",
        "url": "https://bugzilla.suse.com/1238771"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238772",
        "url": "https://bugzilla.suse.com/1238772"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238773",
        "url": "https://bugzilla.suse.com/1238773"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238775",
        "url": "https://bugzilla.suse.com/1238775"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238780",
        "url": "https://bugzilla.suse.com/1238780"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238781",
        "url": "https://bugzilla.suse.com/1238781"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238785",
        "url": "https://bugzilla.suse.com/1238785"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238864",
        "url": "https://bugzilla.suse.com/1238864"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238865",
        "url": "https://bugzilla.suse.com/1238865"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238876",
        "url": "https://bugzilla.suse.com/1238876"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238903",
        "url": "https://bugzilla.suse.com/1238903"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238904",
        "url": "https://bugzilla.suse.com/1238904"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238905",
        "url": "https://bugzilla.suse.com/1238905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238909",
        "url": "https://bugzilla.suse.com/1238909"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238911",
        "url": "https://bugzilla.suse.com/1238911"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238917",
        "url": "https://bugzilla.suse.com/1238917"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238958",
        "url": "https://bugzilla.suse.com/1238958"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238959",
        "url": "https://bugzilla.suse.com/1238959"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238963",
        "url": "https://bugzilla.suse.com/1238963"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238964",
        "url": "https://bugzilla.suse.com/1238964"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238969",
        "url": "https://bugzilla.suse.com/1238969"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238971",
        "url": "https://bugzilla.suse.com/1238971"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238973",
        "url": "https://bugzilla.suse.com/1238973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238975",
        "url": "https://bugzilla.suse.com/1238975"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238978",
        "url": "https://bugzilla.suse.com/1238978"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238979",
        "url": "https://bugzilla.suse.com/1238979"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238981",
        "url": "https://bugzilla.suse.com/1238981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238984",
        "url": "https://bugzilla.suse.com/1238984"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238986",
        "url": "https://bugzilla.suse.com/1238986"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238993",
        "url": "https://bugzilla.suse.com/1238993"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238994",
        "url": "https://bugzilla.suse.com/1238994"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238997",
        "url": "https://bugzilla.suse.com/1238997"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239015",
        "url": "https://bugzilla.suse.com/1239015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239016",
        "url": "https://bugzilla.suse.com/1239016"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239027",
        "url": "https://bugzilla.suse.com/1239027"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239029",
        "url": "https://bugzilla.suse.com/1239029"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239030",
        "url": "https://bugzilla.suse.com/1239030"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239033",
        "url": "https://bugzilla.suse.com/1239033"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239034",
        "url": "https://bugzilla.suse.com/1239034"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239036",
        "url": "https://bugzilla.suse.com/1239036"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239037",
        "url": "https://bugzilla.suse.com/1239037"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239038",
        "url": "https://bugzilla.suse.com/1239038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239039",
        "url": "https://bugzilla.suse.com/1239039"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239045",
        "url": "https://bugzilla.suse.com/1239045"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239065",
        "url": "https://bugzilla.suse.com/1239065"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239068",
        "url": "https://bugzilla.suse.com/1239068"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239073",
        "url": "https://bugzilla.suse.com/1239073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239076",
        "url": "https://bugzilla.suse.com/1239076"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239080",
        "url": "https://bugzilla.suse.com/1239080"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239085",
        "url": "https://bugzilla.suse.com/1239085"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239087",
        "url": "https://bugzilla.suse.com/1239087"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239095",
        "url": "https://bugzilla.suse.com/1239095"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239104",
        "url": "https://bugzilla.suse.com/1239104"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239105",
        "url": "https://bugzilla.suse.com/1239105"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239109",
        "url": "https://bugzilla.suse.com/1239109"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239112",
        "url": "https://bugzilla.suse.com/1239112"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239114",
        "url": "https://bugzilla.suse.com/1239114"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239115",
        "url": "https://bugzilla.suse.com/1239115"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239117",
        "url": "https://bugzilla.suse.com/1239117"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239167",
        "url": "https://bugzilla.suse.com/1239167"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239174",
        "url": "https://bugzilla.suse.com/1239174"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239346",
        "url": "https://bugzilla.suse.com/1239346"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239349",
        "url": "https://bugzilla.suse.com/1239349"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239435",
        "url": "https://bugzilla.suse.com/1239435"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239467",
        "url": "https://bugzilla.suse.com/1239467"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239468",
        "url": "https://bugzilla.suse.com/1239468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239471",
        "url": "https://bugzilla.suse.com/1239471"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239473",
        "url": "https://bugzilla.suse.com/1239473"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239474",
        "url": "https://bugzilla.suse.com/1239474"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239477",
        "url": "https://bugzilla.suse.com/1239477"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239478",
        "url": "https://bugzilla.suse.com/1239478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239479",
        "url": "https://bugzilla.suse.com/1239479"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239481",
        "url": "https://bugzilla.suse.com/1239481"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239482",
        "url": "https://bugzilla.suse.com/1239482"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239483",
        "url": "https://bugzilla.suse.com/1239483"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239484",
        "url": "https://bugzilla.suse.com/1239484"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239486",
        "url": "https://bugzilla.suse.com/1239486"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239508",
        "url": "https://bugzilla.suse.com/1239508"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239512",
        "url": "https://bugzilla.suse.com/1239512"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239518",
        "url": "https://bugzilla.suse.com/1239518"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239573",
        "url": "https://bugzilla.suse.com/1239573"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239594",
        "url": "https://bugzilla.suse.com/1239594"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239595",
        "url": "https://bugzilla.suse.com/1239595"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239600",
        "url": "https://bugzilla.suse.com/1239600"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239605",
        "url": "https://bugzilla.suse.com/1239605"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239615",
        "url": "https://bugzilla.suse.com/1239615"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239644",
        "url": "https://bugzilla.suse.com/1239644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239707",
        "url": "https://bugzilla.suse.com/1239707"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239986",
        "url": "https://bugzilla.suse.com/1239986"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1239994",
        "url": "https://bugzilla.suse.com/1239994"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240169",
        "url": "https://bugzilla.suse.com/1240169"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240172",
        "url": "https://bugzilla.suse.com/1240172"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240173",
        "url": "https://bugzilla.suse.com/1240173"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240175",
        "url": "https://bugzilla.suse.com/1240175"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240177",
        "url": "https://bugzilla.suse.com/1240177"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240179",
        "url": "https://bugzilla.suse.com/1240179"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240182",
        "url": "https://bugzilla.suse.com/1240182"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240183",
        "url": "https://bugzilla.suse.com/1240183"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240186",
        "url": "https://bugzilla.suse.com/1240186"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240188",
        "url": "https://bugzilla.suse.com/1240188"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240189",
        "url": "https://bugzilla.suse.com/1240189"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240191",
        "url": "https://bugzilla.suse.com/1240191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240192",
        "url": "https://bugzilla.suse.com/1240192"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240333",
        "url": "https://bugzilla.suse.com/1240333"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240334",
        "url": "https://bugzilla.suse.com/1240334"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52831 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52926 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52926/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52927 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52927/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-26634 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-26634/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-26873 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-26873/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-35826 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-35826/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-35910 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-35910/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-38606 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-38606/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-41005 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-41005/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-41077 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-41077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-41149 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-41149/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-42307 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-42307/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-43820 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-43820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46736 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46782 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46782/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-46796 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-46796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-47408 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-47408/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-47794 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-47794/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-49571 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-49571/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-49924 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-49924/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-49940 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-49940/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-49994 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-49994/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50056 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50056/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50126 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50126/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50140 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50152 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50152/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-50290 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-50290/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-52559 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-52559/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53057 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53057/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53063 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53063/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53140 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53163 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53163/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53680 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53680/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-54683 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-54683/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56638 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56638/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56640 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56640/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56702 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56702/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56703 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56703/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56718 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56718/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56719 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56719/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56751 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56751/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56758 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56758/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56770 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56770/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57807 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57807/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57834 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57834/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57900 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57900/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57947 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57947/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57973 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57973/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57974 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57974/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57978 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57978/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57979 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57979/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57980 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57980/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57981 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57981/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57986 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57986/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57990 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57990/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57993 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57993/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57996 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57996/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57997 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57997/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-57999 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-57999/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58002 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58002/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58005 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58005/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58006 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58006/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58007 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58007/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58009 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58009/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58011 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58011/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58012 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58012/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58013 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58013/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58014 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58014/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58017 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58017/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58019 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58019/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58020 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58020/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58034 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58034/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58051 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58052 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58052/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58054 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58054/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58055 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58055/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58056 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58056/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58057 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58057/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58058 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58058/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58061 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58061/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58063 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58063/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58069 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58069/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58072 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58072/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58076 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58076/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58078 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58078/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58079 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58080 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58080/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58083 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58083/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58085 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58085/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-58086 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-58086/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21631 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21631/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21635 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21635/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21659 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21659/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21671 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21671/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21693 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21693/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21701 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21701/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21703 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21703/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21704 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21704/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21706 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21706/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21708 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21708/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21711 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21711/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21714 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21714/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21718 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21718/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21723 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21723/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21726 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21726/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21727 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21727/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21731 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21731/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21732 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21732/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21733 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21733/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21734 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21734/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21735 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21735/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21736 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21736/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21738 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21738/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21739 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21739/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21741 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21741/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21742 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21742/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21743 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21743/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21744 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21744/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21745 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21745/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21749 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21749/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21750 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21750/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21753 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21753/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21754 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21754/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21756 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21756/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21759 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21759/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21760 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21760/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21761 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21761/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21762 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21762/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21763 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21763/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21764 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21765 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21765/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21766 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21766/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21772 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21772/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21773 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21773/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21775 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21776 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21776/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21779 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21779/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21780 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21780/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21781 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21781/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21782 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21782/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21784 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21785 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21785/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21791 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21791/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21793 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21793/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21794 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21794/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21796 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21796/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21804 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21804/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21810 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21815 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21815/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21819 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21819/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21820 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21820/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21821 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21821/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21823 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21823/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21825 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21825/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21828 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21828/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21829 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21829/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21830 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21830/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21831 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21832 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21832/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21835 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21838 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21838/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21844 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21844/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21846 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21846/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21847 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21847/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21848 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21848/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21850 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21850/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21855 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21855/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21856 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21856/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21857 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21857/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21858 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21858/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21859 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21859/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21861 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21861/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21862 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21862/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21864 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21864/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21865 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21865/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21866 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21866/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21869 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21869/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21870 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21870/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21871 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21871/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21876 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21876/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21877 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21877/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21878 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21878/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21883 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21883/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21885 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21885/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21886 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21886/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21888 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21888/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21890 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21891 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21891/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-21892 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-21892/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2025-04-08T16:32:07Z",
      "generator": {
        "date": "2025-04-08T16:32:07Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:1178-1",
      "initial_release_date": "2025-04-08T16:32:07Z",
      "revision_history": [
        {
          "date": "2025-04-08T16:32:07Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
                "product": {
                  "name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
                  "product_id": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
                "product": {
                  "name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
                  "product_id": "kernel-source-rt-6.4.0-150600.10.34.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-livepatch-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-livepatch-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-livepatch-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64",
                  "product_id": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP6",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Real Time Module 15 SP6",
                "product": {
                  "name": "SUSE Real Time Module 15 SP6",
                  "product_id": "SUSE Real Time Module 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-rt:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch"
        },
        "product_reference": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch"
        },
        "product_reference": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
          "product_id": "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "SUSE Real Time Module 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch"
        },
        "product_reference": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch"
        },
        "product_reference": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-52831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n  rebuild_sched_domains_locked()\n    ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n      cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52831",
          "url": "https://www.suse.com/security/cve/CVE-2023-52831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225533 for CVE-2023-52831",
          "url": "https://bugzilla.suse.com/1225533"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-52831"
    },
    {
      "cve": "CVE-2023-52926",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52926"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52926",
          "url": "https://www.suse.com/security/cve/CVE-2023-52926"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237565 for CVE-2023-52926",
          "url": "https://bugzilla.suse.com/1237565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237567 for CVE-2023-52926",
          "url": "https://bugzilla.suse.com/1237567"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-52926"
    },
    {
      "cve": "CVE-2023-52927",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52927"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52927",
          "url": "https://www.suse.com/security/cve/CVE-2023-52927"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239644 for CVE-2023-52927",
          "url": "https://bugzilla.suse.com/1239644"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1246016 for CVE-2023-52927",
          "url": "https://bugzilla.suse.com/1246016"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-52927"
    },
    {
      "cve": "CVE-2024-26634",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-26634"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n    kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-26634",
          "url": "https://www.suse.com/security/cve/CVE-2024-26634"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221651 for CVE-2024-26634",
          "url": "https://bugzilla.suse.com/1221651"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-26634"
    },
    {
      "cve": "CVE-2024-26873",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-26873"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0  state:D stack:    0 pid:165233 ppid:     2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678]  __switch_to+0xf8/0x17c\n[ 4613.698872]  __schedule+0x660/0xee0\n[ 4613.703063]  schedule+0xac/0x240\n[ 4613.706994]  schedule_timeout+0x500/0x610\n[ 4613.711705]  __down+0x128/0x36c\n[ 4613.715548]  down+0x240/0x2d0\n[ 4613.719221]  hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618]  sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976]  sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504]  hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499]  hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682]  sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781]  sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962]  sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709]  sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930]  sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716]  process_one_work+0x248/0x950\n[ 4613.789424]  worker_thread+0x318/0x934\n[ 4613.793878]  kthread+0x190/0x200\n[ 4613.797810]  ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4  state:D stack:    0 pid:316722 ppid:     2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647]  __switch_to+0xf8/0x17c\n[ 4613.848852]  __schedule+0x660/0xee0\n[ 4613.853052]  schedule+0xac/0x240\n[ 4613.856984]  schedule_timeout+0x500/0x610\n[ 4613.861695]  __down+0x128/0x36c\n[ 4613.865542]  down+0x240/0x2d0\n[ 4613.869216]  hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324]  hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019]  process_one_work+0x248/0x950\n[ 4613.887732]  worker_thread+0x318/0x934\n[ 4613.892204]  kthread+0x190/0x200\n[ 4613.896118]  ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1  state:D stack:    0 pid:348985 ppid:     2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702]  __switch_to+0xf8/0x17c\n[ 4613.946892]  __schedule+0x660/0xee0\n[ 4613.951083]  schedule+0xac/0x240\n[ 4613.955015]  schedule_timeout+0x500/0x610\n[ 4613.959725]  wait_for_common+0x200/0x610\n[ 4613.964349]  wait_for_completion+0x3c/0x5c\n[ 4613.969146]  flush_workqueue+0x198/0x790\n[ 4613.973776]  sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960]  sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708]  process_one_work+0x248/0x950\n[ 4613.990420]  worker_thread+0x318/0x934\n[ 4613.994868]  kthread+0x190/0x200\n[ 4613.998800]  ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-26873",
          "url": "https://www.suse.com/security/cve/CVE-2024-26873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1223047 for CVE-2024-26873",
          "url": "https://bugzilla.suse.com/1223047"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-26873"
    },
    {
      "cve": "CVE-2024-35826",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-35826"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-35826",
          "url": "https://www.suse.com/security/cve/CVE-2024-35826"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224610 for CVE-2024-35826",
          "url": "https://bugzilla.suse.com/1224610"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-35826"
    },
    {
      "cve": "CVE-2024-35910",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-35910"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-35910",
          "url": "https://www.suse.com/security/cve/CVE-2024-35910"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224489 for CVE-2024-35910",
          "url": "https://bugzilla.suse.com/1224489"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-35910"
    },
    {
      "cve": "CVE-2024-38606",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-38606"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-38606",
          "url": "https://www.suse.com/security/cve/CVE-2024-38606"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226871 for CVE-2024-38606",
          "url": "https://bugzilla.suse.com/1226871"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-38606"
    },
    {
      "cve": "CVE-2024-41005",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-41005"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-41005",
          "url": "https://www.suse.com/security/cve/CVE-2024-41005"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227858 for CVE-2024-41005",
          "url": "https://bugzilla.suse.com/1227858"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-41005"
    },
    {
      "cve": "CVE-2024-41077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-41077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-41077",
          "url": "https://www.suse.com/security/cve/CVE-2024-41077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228653 for CVE-2024-41077",
          "url": "https://bugzilla.suse.com/1228653"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-41077"
    },
    {
      "cve": "CVE-2024-41149",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-41149"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-41149",
          "url": "https://www.suse.com/security/cve/CVE-2024-41149"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235698 for CVE-2024-41149",
          "url": "https://bugzilla.suse.com/1235698"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-41149"
    },
    {
      "cve": "CVE-2024-42307",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-42307"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n   fs/smb/client/cifsfs.c:1981 init_cifs()\n   error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-42307",
          "url": "https://www.suse.com/security/cve/CVE-2024-42307"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229361 for CVE-2024-42307",
          "url": "https://bugzilla.suse.com/1229361"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-42307"
    },
    {
      "cve": "CVE-2024-43820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-43820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-43820",
          "url": "https://www.suse.com/security/cve/CVE-2024-43820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229311 for CVE-2024-43820",
          "url": "https://bugzilla.suse.com/1229311"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-43820"
    },
    {
      "cve": "CVE-2024-46736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46736",
          "url": "https://www.suse.com/security/cve/CVE-2024-46736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230728 for CVE-2024-46736",
          "url": "https://bugzilla.suse.com/1230728"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-46736"
    },
    {
      "cve": "CVE-2024-46782",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46782"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n  __dump_stack lib/dump_stack.c:93 [inline]\n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n  print_address_description mm/kasan/report.c:377 [inline]\n  print_report+0x169/0x550 mm/kasan/report.c:488\n  kasan_report+0x143/0x180 mm/kasan/report.c:601\n  rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n  __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n  rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n  rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n  ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n  ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n  ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n  nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n  nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n  nf_hook include/linux/netfilter.h:269 [inline]\n  NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n  __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n  __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n  process_backlog+0x662/0x15b0 net/core/dev.c:6108\n  __napi_poll+0xcb/0x490 net/core/dev.c:6772\n  napi_poll net/core/dev.c:6841 [inline]\n  net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n  handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n  run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n  smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n  kthread+0x2f0/0x390 kernel/kthread.c:389\n  ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n  set_page_owner include/linux/page_owner.h:32 [inline]\n  post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n  prep_new_page mm/page_alloc.c:1501 [inline]\n  get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n  __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n  __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n  alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n  ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n  __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n  __do_kmalloc_node mm/slub.c:4146 [inline]\n  __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n  __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n  bucket_table_alloc lib/rhashtable.c:186 [inline]\n  rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n  ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n  ops_ini\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46782",
          "url": "https://www.suse.com/security/cve/CVE-2024-46782"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230769 for CVE-2024-46782",
          "url": "https://bugzilla.suse.com/1230769"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-46782"
    },
    {
      "cve": "CVE-2024-46796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-46796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n  CIFS: Attempting to mount //w22-fs0/scratch\n  run fstests generic/013 at 2024-09-02 19:48:59\n  ==================================================================\n  BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n  Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n  CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n  04/01/2014\n  Workqueue: cifsoplockd cifs_oplock_break [cifs]\n  Call Trace:\n   \u003cTASK\u003e\n   dump_stack_lvl+0x5d/0x80\n   ? detach_if_pending+0xab/0x200\n   print_report+0x156/0x4d9\n   ? detach_if_pending+0xab/0x200\n   ? __virt_addr_valid+0x145/0x300\n   ? __phys_addr+0x46/0x90\n   ? detach_if_pending+0xab/0x200\n   kasan_report+0xda/0x110\n   ? detach_if_pending+0xab/0x200\n   detach_if_pending+0xab/0x200\n   timer_delete+0x96/0xe0\n   ? __pfx_timer_delete+0x10/0x10\n   ? rcu_is_watching+0x20/0x50\n   try_to_grab_pending+0x46/0x3b0\n   __cancel_work+0x89/0x1b0\n   ? __pfx___cancel_work+0x10/0x10\n   ? kasan_save_track+0x14/0x30\n   cifs_close_deferred_file+0x110/0x2c0 [cifs]\n   ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n   ? __pfx_down_read+0x10/0x10\n   cifs_oplock_break+0x4c1/0xa50 [cifs]\n   ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n   ? lock_is_held_type+0x85/0xf0\n   ? mark_held_locks+0x1a/0x90\n   process_one_work+0x4c6/0x9f0\n   ? find_held_lock+0x8a/0xa0\n   ? __pfx_process_one_work+0x10/0x10\n   ? lock_acquired+0x220/0x550\n   ? __list_add_valid_or_report+0x37/0x100\n   worker_thread+0x2e4/0x570\n   ? __kthread_parkme+0xd1/0xf0\n   ? __pfx_worker_thread+0x10/0x10\n   kthread+0x17f/0x1c0\n   ? kthread+0xda/0x1c0\n   ? __pfx_kthread+0x10/0x10\n   ret_from_fork+0x31/0x60\n   ? __pfx_kthread+0x10/0x10\n   ret_from_fork_asm+0x1a/0x30\n   \u003c/TASK\u003e\n\n  Allocated by task 1118:\n   kasan_save_stack+0x30/0x50\n   kasan_save_track+0x14/0x30\n   __kasan_kmalloc+0xaa/0xb0\n   cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n   cifs_atomic_open+0x467/0x770 [cifs]\n   lookup_open.isra.0+0x665/0x8b0\n   path_openat+0x4c3/0x1380\n   do_filp_open+0x167/0x270\n   do_sys_openat2+0x129/0x160\n   __x64_sys_creat+0xad/0xe0\n   do_syscall_64+0xbb/0x1d0\n   entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n  Freed by task 83:\n   kasan_save_stack+0x30/0x50\n   kasan_save_track+0x14/0x30\n   kasan_save_free_info+0x3b/0x70\n   poison_slab_object+0xe9/0x160\n   __kasan_slab_free+0x32/0x50\n   kfree+0xf2/0x300\n   process_one_work+0x4c6/0x9f0\n   worker_thread+0x2e4/0x570\n   kthread+0x17f/0x1c0\n   ret_from_fork+0x31/0x60\n   ret_from_fork_asm+0x1a/0x30\n\n  Last potentially related work creation:\n   kasan_save_stack+0x30/0x50\n   __kasan_record_aux_stack+0xad/0xc0\n   insert_work+0x29/0xe0\n   __queue_work+0x5ea/0x760\n   queue_work_on+0x6d/0x90\n   _cifsFileInfo_put+0x3f6/0x770 [cifs]\n   smb2_compound_op+0x911/0x3940 [cifs]\n   smb2_set_path_size+0x228/0x270 [cifs]\n   cifs_set_file_size+0x197/0x460 [cifs]\n   cifs_setattr+0xd9c/0x14b0 [cifs]\n   notify_change+0x4e3/0x740\n   do_truncate+0xfa/0x180\n   vfs_truncate+0x195/0x200\n   __x64_sys_truncate+0x109/0x150\n   do_syscall_64+0xbb/0x1d0\n   entry_SYSCALL_64_after_hwframe+0x77/0x7f",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-46796",
          "url": "https://www.suse.com/security/cve/CVE-2024-46796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230832 for CVE-2024-46796",
          "url": "https://bugzilla.suse.com/1230832"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-46796"
    },
    {
      "cve": "CVE-2024-47408",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-47408"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-47408",
          "url": "https://www.suse.com/security/cve/CVE-2024-47408"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235711 for CVE-2024-47408",
          "url": "https://bugzilla.suse.com/1235711"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-47408"
    },
    {
      "cve": "CVE-2024-47794",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-47794"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n   prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n   with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n  it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n  subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-47794",
          "url": "https://www.suse.com/security/cve/CVE-2024-47794"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235712 for CVE-2024-47794",
          "url": "https://bugzilla.suse.com/1235712"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-47794"
    },
    {
      "cve": "CVE-2024-49571",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-49571"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-49571",
          "url": "https://www.suse.com/security/cve/CVE-2024-49571"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235733 for CVE-2024-49571",
          "url": "https://bugzilla.suse.com/1235733"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-49571"
    },
    {
      "cve": "CVE-2024-49924",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-49924"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0                                                CPU1\n\n                                   | pxafb_task\npxafb_remove                       |\nunregister_framebuffer(info)       |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info)               |\n// free fbi-\u003efb                    | set_ctrlr_state(fbi, state)\n                                   | __pxafb_lcd_power(fbi, 0)\n                                   | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n                                   | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-49924",
          "url": "https://www.suse.com/security/cve/CVE-2024-49924"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232364 for CVE-2024-49924",
          "url": "https://bugzilla.suse.com/1232364"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-49924"
    },
    {
      "cve": "CVE-2024-49940",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-49940"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-49940",
          "url": "https://www.suse.com/security/cve/CVE-2024-49940"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232812 for CVE-2024-49940",
          "url": "https://bugzilla.suse.com/1232812"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-49940"
    },
    {
      "cve": "CVE-2024-49994",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-49994"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-49994",
          "url": "https://www.suse.com/security/cve/CVE-2024-49994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237757 for CVE-2024-49994",
          "url": "https://bugzilla.suse.com/1237757"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-49994"
    },
    {
      "cve": "CVE-2024-50056",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50056"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50056",
          "url": "https://www.suse.com/security/cve/CVE-2024-50056"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232389 for CVE-2024-50056",
          "url": "https://bugzilla.suse.com/1232389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50056"
    },
    {
      "cve": "CVE-2024-50126",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50126"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862]  dump_backtrace+0x20c/0x220\n[T15862]  show_stack+0x2c/0x40\n[T15862]  dump_stack_lvl+0xf8/0x174\n[T15862]  print_report+0x170/0x4d8\n[T15862]  kasan_report+0xb8/0x1d4\n[T15862]  __asan_report_load4_noabort+0x20/0x2c\n[T15862]  taprio_dump+0xa0c/0xbb0\n[T15862]  tc_fill_qdisc+0x540/0x1020\n[T15862]  qdisc_notify.isra.0+0x330/0x3a0\n[T15862]  tc_modify_qdisc+0x7b8/0x1838\n[T15862]  rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862]  netlink_rcv_skb+0x1f8/0x3d4\n[T15862]  rtnetlink_rcv+0x28/0x40\n[T15862]  netlink_unicast+0x51c/0x790\n[T15862]  netlink_sendmsg+0x79c/0xc20\n[T15862]  __sock_sendmsg+0xe0/0x1a0\n[T15862]  ____sys_sendmsg+0x6c0/0x840\n[T15862]  ___sys_sendmsg+0x1ac/0x1f0\n[T15862]  __sys_sendmsg+0x110/0x1d0\n[T15862]  __arm64_sys_sendmsg+0x74/0xb0\n[T15862]  invoke_syscall+0x88/0x2e0\n[T15862]  el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862]  do_el0_svc+0x44/0x60\n[T15862]  el0_svc+0x50/0x184\n[T15862]  el0t_64_sync_handler+0x120/0x12c\n[T15862]  el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862]  kasan_save_stack+0x3c/0x70\n[T15862]  kasan_save_track+0x20/0x3c\n[T15862]  kasan_save_alloc_info+0x40/0x60\n[T15862]  __kasan_kmalloc+0xd4/0xe0\n[T15862]  __kmalloc_cache_noprof+0x194/0x334\n[T15862]  taprio_change+0x45c/0x2fe0\n[T15862]  tc_modify_qdisc+0x6a8/0x1838\n[T15862]  rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862]  netlink_rcv_skb+0x1f8/0x3d4\n[T15862]  rtnetlink_rcv+0x28/0x40\n[T15862]  netlink_unicast+0x51c/0x790\n[T15862]  netlink_sendmsg+0x79c/0xc20\n[T15862]  __sock_sendmsg+0xe0/0x1a0\n[T15862]  ____sys_sendmsg+0x6c0/0x840\n[T15862]  ___sys_sendmsg+0x1ac/0x1f0\n[T15862]  __sys_sendmsg+0x110/0x1d0\n[T15862]  __arm64_sys_sendmsg+0x74/0xb0\n[T15862]  invoke_syscall+0x88/0x2e0\n[T15862]  el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862]  do_el0_svc+0x44/0x60\n[T15862]  el0_svc+0x50/0x184\n[T15862]  el0t_64_sync_handler+0x120/0x12c\n[T15862]  el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862]  kasan_save_stack+0x3c/0x70\n[T15862]  kasan_save_track+0x20/0x3c\n[T15862]  kasan_save_free_info+0x4c/0x80\n[T15862]  poison_slab_object+0x110/0x160\n[T15862]  __kasan_slab_free+0x3c/0x74\n[T15862]  kfree+0x134/0x3c0\n[T15862]  taprio_free_sched_cb+0x18c/0x220\n[T15862]  rcu_core+0x920/0x1b7c\n[T15862]  rcu_core_si+0x10/0x1c\n[T15862]  handle_softirqs+0x2e8/0xd64\n[T15862]  __do_softirq+0x14/0x20",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50126",
          "url": "https://www.suse.com/security/cve/CVE-2024-50126"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1232895 for CVE-2024-50126",
          "url": "https://bugzilla.suse.com/1232895"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50126"
    },
    {
      "cve": "CVE-2024-50140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[   63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[   63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[   63.696416] preempt_count: 10001, expected: 0\n[   63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n  sched_tick() [ acquire rq-\u003e__lock ]\n   -\u003e task_tick_mm_cid()\n    -\u003e task_work_add()\n     -\u003e __kasan_record_aux_stack()\n      -\u003e kasan_save_stack()\n       -\u003e stack_depot_save_flags()\n        -\u003e alloc_pages_mpol_noprof()\n         -\u003e __alloc_pages_noprof()\n\t  -\u003e get_page_from_freelist()\n\t   -\u003e rmqueue()\n\t    -\u003e rmqueue_pcplist()\n\t     -\u003e __rmqueue_pcplist()\n\t      -\u003e rmqueue_bulk()\n\t       -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages.  To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50140",
          "url": "https://www.suse.com/security/cve/CVE-2024-50140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233060 for CVE-2024-50140",
          "url": "https://bugzilla.suse.com/1233060"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50140"
    },
    {
      "cve": "CVE-2024-50152",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50152"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 |         kfree(ea);\n      |         ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50152",
          "url": "https://www.suse.com/security/cve/CVE-2024-50152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233033 for CVE-2024-50152",
          "url": "https://bugzilla.suse.com/1233033"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-50152"
    },
    {
      "cve": "CVE-2024-50290",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-50290"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-50290",
          "url": "https://www.suse.com/security/cve/CVE-2024-50290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225742 for CVE-2024-50290",
          "url": "https://bugzilla.suse.com/1225742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233479 for CVE-2024-50290",
          "url": "https://bugzilla.suse.com/1233479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233681 for CVE-2024-50290",
          "url": "https://bugzilla.suse.com/1233681"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-50290"
    },
    {
      "cve": "CVE-2024-52559",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-52559"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-52559",
          "url": "https://www.suse.com/security/cve/CVE-2024-52559"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238507 for CVE-2024-52559",
          "url": "https://bugzilla.suse.com/1238507"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-52559"
    },
    {
      "cve": "CVE-2024-53057",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53057"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53057",
          "url": "https://www.suse.com/security/cve/CVE-2024-53057"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233551 for CVE-2024-53057",
          "url": "https://bugzilla.suse.com/1233551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245816 for CVE-2024-53057",
          "url": "https://bugzilla.suse.com/1245816"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-53057"
    },
    {
      "cve": "CVE-2024-53063",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53063"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53063",
          "url": "https://www.suse.com/security/cve/CVE-2024-53063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225742 for CVE-2024-53063",
          "url": "https://bugzilla.suse.com/1225742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233557 for CVE-2024-53063",
          "url": "https://bugzilla.suse.com/1233557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233619 for CVE-2024-53063",
          "url": "https://bugzilla.suse.com/1233619"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-53063"
    },
    {
      "cve": "CVE-2024-53140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump  - actual dump helper, keeps getting called until it returns 0\n - done  - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53140",
          "url": "https://www.suse.com/security/cve/CVE-2024-53140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234222 for CVE-2024-53140",
          "url": "https://bugzilla.suse.com/1234222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-53140"
    },
    {
      "cve": "CVE-2024-53163",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53163"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[].  The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53163",
          "url": "https://www.suse.com/security/cve/CVE-2024-53163"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234828 for CVE-2024-53163",
          "url": "https://bugzilla.suse.com/1234828"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-53163"
    },
    {
      "cve": "CVE-2024-53680",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53680"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n  vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n  define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n    %1 = alloca [64 x i8], align 16\n    ...\n\n  14:                                               ; preds = %11\n    %15 = getelementptr inbounds i8, ptr %1, i64 63\n    %16 = load i8, ptr %15, align 1\n    %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n    %18 = icmp eq i8 %16, 0\n    %19 = select i1 %17, i1 %18, i1 false\n    br i1 %19, label %20, label %23\n\n  20:                                               ; preds = %14\n    %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n    ...\n\n  23:                                               ; preds = %14, %11, %20\n    %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n    ...\n  }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n  %13 = getelementptr inbounds i8, ptr %1, i64 63\n  br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n  define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n    %1 = alloca [64 x i8], align 16\n    ...\n\n  12:                                               ; preds = %11\n    %13 = getelementptr inbounds i8, ptr %1, i64 63\n    unreachable\n  }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53680",
          "url": "https://www.suse.com/security/cve/CVE-2024-53680"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235715 for CVE-2024-53680",
          "url": "https://bugzilla.suse.com/1235715"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-53680"
    },
    {
      "cve": "CVE-2024-54683",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-54683"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n|         iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n|         iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n|         cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-54683",
          "url": "https://www.suse.com/security/cve/CVE-2024-54683"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235729 for CVE-2024-54683",
          "url": "https://bugzilla.suse.com/1235729"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-54683"
    },
    {
      "cve": "CVE-2024-56638",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56638"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n   has already been parsed before for inner header fetching to\n   register.\n\n2) Validate that the percpu area refers to this skbuff using the\n   skbuff pointer as a cookie. If there is a cookie mismatch, then\n   this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56638",
          "url": "https://www.suse.com/security/cve/CVE-2024-56638"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235524 for CVE-2024-56638",
          "url": "https://bugzilla.suse.com/1235524"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56638"
    },
    {
      "cve": "CVE-2024-56640",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56640"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n  refcount_warn_saturate+0x9c/0x140\n  __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n  smc_lgr_terminate_work+0x28/0x30 [smc]\n  process_one_work+0x1b8/0x420\n  worker_thread+0x158/0x510\n  kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n  refcount_warn_saturate+0xf0/0x140\n  smcr_link_put+0x1cc/0x1d8 [smc]\n  smc_conn_free+0x110/0x1b0 [smc]\n  smc_conn_abort+0x50/0x60 [smc]\n  smc_listen_find_device+0x75c/0x790 [smc]\n  smc_listen_work+0x368/0x8a0 [smc]\n  process_one_work+0x1b8/0x420\n  worker_thread+0x158/0x510\n  kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock        | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk)               | smc_conn_abort\nsmc_conn_free               | \\- smc_conn_free\n\\- smcr_link_put            |    \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56640",
          "url": "https://www.suse.com/security/cve/CVE-2024-56640"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235436 for CVE-2024-56640",
          "url": "https://bugzilla.suse.com/1235436"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56640"
    },
    {
      "cve": "CVE-2024-56702",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56702"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL.  However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n  [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56702",
          "url": "https://www.suse.com/security/cve/CVE-2024-56702"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235501 for CVE-2024-56702",
          "url": "https://bugzilla.suse.com/1235501"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56702"
    },
    {
      "cve": "CVE-2024-56703",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56703"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core\u2014indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n    [exception RIP: fib6_select_path+299]\n    RIP: ffffffff8ddafe7b  RSP: ffffbd13003d37b8  RFLAGS: 00000287\n    RAX: ffff975850b43600  RBX: ffff975850b40200  RCX: 0000000000000000\n    RDX: 000000003fffffff  RSI: 0000000051d383e4  RDI: ffff975850b43618\n    RBP: ffffbd13003d3800   R8: 0000000000000000   R9: ffff975850b40200\n    R10: 0000000000000000  R11: 0000000000000000  R12: ffffbd13003d3830\n    R13: ffff975850b436a8  R14: ffff975850b43600  R15: 0000000000000007\n    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56703",
          "url": "https://www.suse.com/security/cve/CVE-2024-56703"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235455 for CVE-2024-56703",
          "url": "https://bugzilla.suse.com/1235455"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56703"
    },
    {
      "cve": "CVE-2024-56718",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56718"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n    but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS:  0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n  rwsem_down_write_slowpath+0x17e/0x470\n  smc_link_down_work+0x3c/0x60 [smc]\n  process_one_work+0x1ac/0x350\n  worker_thread+0x49/0x2f0\n  ? rescuer_thread+0x360/0x360\n  kthread+0x118/0x140\n  ? __kthread_bind_mask+0x60/0x60\n  ret_from_fork+0x1f/0x30",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56718",
          "url": "https://www.suse.com/security/cve/CVE-2024-56718"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235589 for CVE-2024-56718",
          "url": "https://bugzilla.suse.com/1235589"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56718"
    },
    {
      "cve": "CVE-2024-56719",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56719"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n  dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n  DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56719",
          "url": "https://www.suse.com/security/cve/CVE-2024-56719"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235591 for CVE-2024-56719",
          "url": "https://bugzilla.suse.com/1235591"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56719"
    },
    {
      "cve": "CVE-2024-56751",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56751"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel  I observed a splat every ~10 iterations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56751",
          "url": "https://www.suse.com/security/cve/CVE-2024-56751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234936 for CVE-2024-56751",
          "url": "https://bugzilla.suse.com/1234936"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56751"
    },
    {
      "cve": "CVE-2024-56758",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56758"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000000\n  PGD 0 P4D 0\n  Oops: 0000 [#1] SMP\n  CPU: 76 PID: 1411631 Comm: kworker/u322:5\n  Workqueue: events_unbound btrfs_reclaim_bgs_work\n  RIP: 0010:set_page_extent_mapped+0x20/0xb0\n  RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n  RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n  RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n  RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n  R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n  R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n  FS:  0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n  PKRU: 55555554\n  Call Trace:\n  \u003cTASK\u003e\n  ? __die+0x78/0xc0\n  ? page_fault_oops+0x2a8/0x3a0\n  ? __switch_to+0x133/0x530\n  ? wq_worker_running+0xa/0x40\n  ? exc_page_fault+0x63/0x130\n  ? asm_exc_page_fault+0x22/0x30\n  ? set_page_extent_mapped+0x20/0xb0\n  relocate_file_extent_cluster+0x1a7/0x940\n  relocate_data_extent+0xaf/0x120\n  relocate_block_group+0x20f/0x480\n  btrfs_relocate_block_group+0x152/0x320\n  btrfs_relocate_chunk+0x3d/0x120\n  btrfs_reclaim_bgs_work+0x2ae/0x4e0\n  process_scheduled_works+0x184/0x370\n  worker_thread+0xc6/0x3e0\n  ? blk_add_timer+0xb0/0xb0\n  kthread+0xae/0xe0\n  ? flush_tlb_kernel_range+0x90/0x90\n  ret_from_fork+0x2f/0x40\n  ? flush_tlb_kernel_range+0x90/0x90\n  ret_from_fork_asm+0x11/0x20\n  \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56758",
          "url": "https://www.suse.com/security/cve/CVE-2024-56758"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235621 for CVE-2024-56758",
          "url": "https://bugzilla.suse.com/1235621"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56758"
    },
    {
      "cve": "CVE-2024-56770",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56770"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of  how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56770",
          "url": "https://www.suse.com/security/cve/CVE-2024-56770"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235637 for CVE-2024-56770",
          "url": "https://bugzilla.suse.com/1235637"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-56770"
    },
    {
      "cve": "CVE-2024-57807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n      CPU0                    CPU1\n      ----                    ----\n lock(\u0026instance-\u003ereset_mutex);\n                              lock(\u0026shost-\u003escan_mutex);\n                              lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57807",
          "url": "https://www.suse.com/security/cve/CVE-2024-57807"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235761 for CVE-2024-57807",
          "url": "https://bugzilla.suse.com/1235761"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57807"
    },
    {
      "cve": "CVE-2024-57834",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57834"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS:  00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57834",
          "url": "https://www.suse.com/security/cve/CVE-2024-57834"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238993 for CVE-2024-57834",
          "url": "https://bugzilla.suse.com/1238993"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57834"
    },
    {
      "cve": "CVE-2024-57900",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57900"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n  __dump_stack lib/dump_stack.c:94 [inline]\n  dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0xc3/0x620 mm/kasan/report.c:489\n  kasan_report+0xd9/0x110 mm/kasan/report.c:602\n  rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n  __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n  rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n  rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n  ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n  ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n  ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n  nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n  nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n  nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n  NF_HOOK include/linux/netfilter.h:312 [inline]\n  ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n  __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n  __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n  process_backlog+0x443/0x15f0 net/core/dev.c:6117\n  __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n  napi_poll net/core/dev.c:6952 [inline]\n  net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n  handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n  __do_softirq kernel/softirq.c:595 [inline]\n  invoke_softirq kernel/softirq.c:435 [inline]\n  __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n  irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n  instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n  sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57900",
          "url": "https://www.suse.com/security/cve/CVE-2024-57900"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235973 for CVE-2024-57900",
          "url": "https://bugzilla.suse.com/1235973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57900"
    },
    {
      "cve": "CVE-2024-57947",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57947"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57947",
          "url": "https://www.suse.com/security/cve/CVE-2024-57947"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236333 for CVE-2024-57947",
          "url": "https://bugzilla.suse.com/1236333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245799 for CVE-2024-57947",
          "url": "https://bugzilla.suse.com/1245799"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-57947"
    },
    {
      "cve": "CVE-2024-57973",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57973"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user.  It comes from\nprocess_responses().  On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug.  Use size_add() to prevent this.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57973",
          "url": "https://www.suse.com/security/cve/CVE-2024-57973"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238531 for CVE-2024-57973",
          "url": "https://bugzilla.suse.com/1238531"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57973"
    },
    {
      "cve": "CVE-2024-57974",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57974"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n  LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n  dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n  while :; do\n  \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n  \tsleep 0.1 || sleep 1\n  \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n  \twait\n  done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n  2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n  LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n  while :; do\n  \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n  \tsleep 0.2 || sleep 1\n  \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n  \twait\n  \tcmp tmp.in tmp.out\n  done\n\nOnce this fails:\n\n  tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n  $ tshark -r pasta.pcap\n      1   0.000000           :: ? ff02::16     ICMPv6 110 Multicast Listener Report Message v2\n      2   0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n      3   0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n      4   0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n      5   0.168827 c6:47:05:8d:dc:04 ? Broadcast    ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n      6   0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n      7   0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n      8   0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n      9   0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n     10   0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n     11   0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n     12   0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n  strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57974",
          "url": "https://www.suse.com/security/cve/CVE-2024-57974"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238532 for CVE-2024-57974",
          "url": "https://bugzilla.suse.com/1238532"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57974"
    },
    {
      "cve": "CVE-2024-57978",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57978"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops.  The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57978",
          "url": "https://www.suse.com/security/cve/CVE-2024-57978"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238523 for CVE-2024-57978",
          "url": "https://bugzilla.suse.com/1238523"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57978"
    },
    {
      "cve": "CVE-2024-57979",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57979"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n    pps pps1: removed\n    ------------[ cut here ]------------\n    kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n    WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n    CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n    Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n    pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n    pc : kobject_put+0x120/0x150\n    lr : kobject_put+0x120/0x150\n    sp : ffffffc0803d3ae0\n    x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n    x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n    x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n    x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n    x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n    x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n    x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n    x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n    x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n    x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n    Call trace:\n     kobject_put+0x120/0x150\n     cdev_put+0x20/0x3c\n     __fput+0x2c4/0x2d8\n     ____fput+0x1c/0x38\n     task_work_run+0x70/0xfc\n     do_exit+0x2a0/0x924\n     do_group_exit+0x34/0x90\n     get_signal+0x7fc/0x8c0\n     do_signal+0x128/0x13b4\n     do_notify_resume+0xdc/0x160\n     el0_svc+0xd4/0xf8\n     el0t_64_sync_handler+0x140/0x14c\n     el0t_64_sync+0x190/0x194\n    ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n    refcount_t: underflow; use-after-free.\n    kernel BUG at lib/list_debug.c:62!\n    Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n    pps_core: source serial1 got cdev (251:1)\n    \u003c...\u003e\n    pps pps1: removed\n    pps_core: unregistering pps1\n    pps_core: deallocating pps1",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57979",
          "url": "https://www.suse.com/security/cve/CVE-2024-57979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238521 for CVE-2024-57979",
          "url": "https://bugzilla.suse.com/1238521"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57979"
    },
    {
      "cve": "CVE-2024-57980",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57980"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57980",
          "url": "https://www.suse.com/security/cve/CVE-2024-57980"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237911 for CVE-2024-57980",
          "url": "https://bugzilla.suse.com/1237911"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57980"
    },
    {
      "cve": "CVE-2024-57981",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57981"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57981",
          "url": "https://www.suse.com/security/cve/CVE-2024-57981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237912 for CVE-2024-57981",
          "url": "https://bugzilla.suse.com/1237912"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57981"
    },
    {
      "cve": "CVE-2024-57986",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57986"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers.  One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL.  This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t   ...\n\t *  If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57986",
          "url": "https://www.suse.com/security/cve/CVE-2024-57986"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237907 for CVE-2024-57986",
          "url": "https://bugzilla.suse.com/1237907"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57986"
    },
    {
      "cve": "CVE-2024-57990",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57990"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57990",
          "url": "https://www.suse.com/security/cve/CVE-2024-57990"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237900 for CVE-2024-57990",
          "url": "https://bugzilla.suse.com/1237900"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57990"
    },
    {
      "cve": "CVE-2024-57993",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57993"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57993",
          "url": "https://www.suse.com/security/cve/CVE-2024-57993"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237894 for CVE-2024-57993",
          "url": "https://bugzilla.suse.com/1237894"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57993"
    },
    {
      "cve": "CVE-2024-57996",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57996"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n  __dump_stack lib/dump_stack.c:79 [inline]\n  dump_stack+0x125/0x19f lib/dump_stack.c:120\n  ubsan_epilogue lib/ubsan.c:148 [inline]\n  __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n  sfq_link net/sched/sch_sfq.c:210 [inline]\n  sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n  sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n  sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n  qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n  tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n  qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n  dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n  netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n  dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n  __dev_close_many+0x214/0x350 net/core/dev.c:1468\n  dev_close_many+0x207/0x510 net/core/dev.c:1506\n  unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n  unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n  unregister_netdevice include/linux/netdevice.h:2893 [inline]\n  __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n  tun_detach drivers/net/tun.c:705 [inline]\n  tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n  __fput+0x203/0x840 fs/file_table.c:280\n  task_work_run+0x129/0x1b0 kernel/task_work.c:185\n  exit_task_work include/linux/task_work.h:33 [inline]\n  do_exit+0x5ce/0x2200 kernel/exit.c:931\n  do_group_exit+0x144/0x310 kernel/exit.c:1046\n  __do_sys_exit_group kernel/exit.c:1057 [inline]\n  __se_sys_exit_group kernel/exit.c:1055 [inline]\n  __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n  gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n  it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n  qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n  by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n  however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57996",
          "url": "https://www.suse.com/security/cve/CVE-2024-57996"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239076 for CVE-2024-57996",
          "url": "https://bugzilla.suse.com/1239076"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239077 for CVE-2024-57996",
          "url": "https://bugzilla.suse.com/1239077"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-57996"
    },
    {
      "cve": "CVE-2024-57997",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57997"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57997",
          "url": "https://www.suse.com/security/cve/CVE-2024-57997"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238529 for CVE-2024-57997",
          "url": "https://bugzilla.suse.com/1238529"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57997"
    },
    {
      "cve": "CVE-2024-57999",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-57999"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP:  c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300   Not tainted  (6.4.0-150600.23.14-default)\nMSR:  800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e  CR: 24228448  XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n   negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n   address). MMIO address needs to be page shifted as well.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-57999",
          "url": "https://www.suse.com/security/cve/CVE-2024-57999"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238526 for CVE-2024-57999",
          "url": "https://bugzilla.suse.com/1238526"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-57999"
    },
    {
      "cve": "CVE-2024-58002",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58002"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58002",
          "url": "https://www.suse.com/security/cve/CVE-2024-58002"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238503 for CVE-2024-58002",
          "url": "https://bugzilla.suse.com/1238503"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58002"
    },
    {
      "cve": "CVE-2024-58005",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58005"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[   10.693310][    T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[   10.848132][    T1] ------------[ cut here ]------------\n[   10.853559][    T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[   10.862827][    T1] Modules linked in:\n[   10.866671][    T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[   10.882741][    T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[   10.892170][    T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[   10.898103][    T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[   10.917750][    T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[   10.923777][    T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[   10.931727][    T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58005",
          "url": "https://www.suse.com/security/cve/CVE-2024-58005"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237873 for CVE-2024-58005",
          "url": "https://bugzilla.suse.com/1237873"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58005"
    },
    {
      "cve": "CVE-2024-58006",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58006"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58006",
          "url": "https://www.suse.com/security/cve/CVE-2024-58006"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238772 for CVE-2024-58006",
          "url": "https://bugzilla.suse.com/1238772"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58006"
    },
    {
      "cve": "CVE-2024-58007",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58007"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n  db410c:/sys/devices/soc0$ cat serial_number\n  2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58007",
          "url": "https://www.suse.com/security/cve/CVE-2024-58007"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238511 for CVE-2024-58007",
          "url": "https://bugzilla.suse.com/1238511"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58007"
    },
    {
      "cve": "CVE-2024-58009",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58009"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58009",
          "url": "https://www.suse.com/security/cve/CVE-2024-58009"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238760 for CVE-2024-58009",
          "url": "https://bugzilla.suse.com/1238760"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58009"
    },
    {
      "cve": "CVE-2024-58011",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58011"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58011",
          "url": "https://www.suse.com/security/cve/CVE-2024-58011"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239080 for CVE-2024-58011",
          "url": "https://bugzilla.suse.com/1239080"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58011"
    },
    {
      "cve": "CVE-2024-58012",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58012"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58012",
          "url": "https://www.suse.com/security/cve/CVE-2024-58012"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239104 for CVE-2024-58012",
          "url": "https://bugzilla.suse.com/1239104"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58012"
    },
    {
      "cve": "CVE-2024-58013",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58013"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58013",
          "url": "https://www.suse.com/security/cve/CVE-2024-58013"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239095 for CVE-2024-58013",
          "url": "https://bugzilla.suse.com/1239095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239096 for CVE-2024-58013",
          "url": "https://bugzilla.suse.com/1239096"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-58013"
    },
    {
      "cve": "CVE-2024-58014",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58014"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58014",
          "url": "https://www.suse.com/security/cve/CVE-2024-58014"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239109 for CVE-2024-58014",
          "url": "https://bugzilla.suse.com/1239109"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239110 for CVE-2024-58014",
          "url": "https://bugzilla.suse.com/1239110"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-58014"
    },
    {
      "cve": "CVE-2024-58017",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58017"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58017",
          "url": "https://www.suse.com/security/cve/CVE-2024-58017"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239112 for CVE-2024-58017",
          "url": "https://bugzilla.suse.com/1239112"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58017"
    },
    {
      "cve": "CVE-2024-58019",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58019"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[  547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00  ........@.......\n[  547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00  ................\n[  547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff  ................\n[  547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff  ................\n[  547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[  547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[  547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[  547.669485] #PF: supervisor read access in kernel mode\n[  547.674624] #PF: error_code(0x0000) - not-present page\n[  547.679755] PGD 0 P4D 0\n[  547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[  547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G            E      6.9.0-rc6+ #1\n[  547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[  547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[  547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[  547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[  547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[  547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[  547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[  547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[  547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[  547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[  547.772958] FS:  0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[  547.781035] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[  547.793896] PKRU: 55555554\n[  547.796600] Call Trace:\n[  547.799046]  \u003cTASK\u003e\n[  547.801152]  ? __die+0x20/0x70\n[  547.804211]  ? page_fault_oops+0x75/0x170\n[  547.808221]  ? print_hex_dump+0x100/0x160\n[  547.812226]  ? exc_page_fault+0x64/0x150\n[  547.816152]  ? asm_exc_page_fault+0x22/0x30\n[  547.820341]  ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[  547.825184]  r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[  547.829845]  process_one_work+0x196/0x3d0\n[  547.833861]  worker_thread+0x2fc/0x410\n[  547.837613]  ? __pfx_worker_thread+0x10/0x10\n[  547.841885]  kthread+0xdf/0x110\n[  547.845031]  ? __pfx_kthread+0x10/0x10\n[  547.848775]  ret_from_fork+0x30/0x50\n[  547.852354]  ? __pfx_kthread+0x10/0x10\n[  547.856097]  ret_from_fork_asm+0x1a/0x30\n[  547.860019]  \u003c/TASK\u003e\n[  547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58019",
          "url": "https://www.suse.com/security/cve/CVE-2024-58019"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238997 for CVE-2024-58019",
          "url": "https://bugzilla.suse.com/1238997"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58019"
    },
    {
      "cve": "CVE-2024-58020",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58020"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58020",
          "url": "https://www.suse.com/security/cve/CVE-2024-58020"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239346 for CVE-2024-58020",
          "url": "https://bugzilla.suse.com/1239346"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58020"
    },
    {
      "cve": "CVE-2024-58034",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58034"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58034",
          "url": "https://www.suse.com/security/cve/CVE-2024-58034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238773 for CVE-2024-58034",
          "url": "https://bugzilla.suse.com/1238773"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58034"
    },
    {
      "cve": "CVE-2024-58051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58051",
          "url": "https://www.suse.com/security/cve/CVE-2024-58051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238963 for CVE-2024-58051",
          "url": "https://bugzilla.suse.com/1238963"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58051"
    },
    {
      "cve": "CVE-2024-58052",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58052"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58052",
          "url": "https://www.suse.com/security/cve/CVE-2024-58052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238986 for CVE-2024-58052",
          "url": "https://bugzilla.suse.com/1238986"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58052"
    },
    {
      "cve": "CVE-2024-58054",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58054"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n  ESR = 0x0000000096000004\n  EC = 0x25: DABT (current EL), IL = 32 bits\n  SET = 0, FnV = 0\n  EA = 0, S1PTW = 0\n  FSC = 0x04: level 0 translation fault\nData abort info:\n  ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n  CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n    snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n    imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n    snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n    max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n    [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t    Tainted: G         C    6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58054",
          "url": "https://www.suse.com/security/cve/CVE-2024-58054"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238975 for CVE-2024-58054",
          "url": "https://bugzilla.suse.com/1238975"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58054"
    },
    {
      "cve": "CVE-2024-58055",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58055"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58055",
          "url": "https://www.suse.com/security/cve/CVE-2024-58055"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238959 for CVE-2024-58055",
          "url": "https://bugzilla.suse.com/1238959"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58055"
    },
    {
      "cve": "CVE-2024-58056",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58056"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been  initialized to 0.\nida_free() is called reporting a warning:\n[    4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[    4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[    4.188854] ida_free called for id=0 which is not allocated.\n[    4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[    4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[    4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[    4.231481] Hardware name: STM32 (Device Tree Support)\n[    4.236627] Workqueue: events_unbound deferred_probe_work_func\n[    4.242504] Call trace:\n[    4.242522]  unwind_backtrace from show_stack+0x10/0x14\n[    4.250218]  show_stack from dump_stack_lvl+0x50/0x64\n[    4.255274]  dump_stack_lvl from __warn+0x80/0x12c\n[    4.260134]  __warn from warn_slowpath_fmt+0x114/0x188\n[    4.265199]  warn_slowpath_fmt from ida_free+0x100/0x164\n[    4.270565]  ida_free from rproc_type_release+0x38/0x60\n[    4.275832]  rproc_type_release from device_release+0x30/0xa0\n[    4.281601]  device_release from kobject_put+0xc4/0x294\n[    4.286762]  kobject_put from rproc_alloc.part.0+0x208/0x28c\n[    4.292430]  rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[    4.298393]  devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[    4.305575]  stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58056",
          "url": "https://www.suse.com/security/cve/CVE-2024-58056"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238981 for CVE-2024-58056",
          "url": "https://bugzilla.suse.com/1238981"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58056"
    },
    {
      "cve": "CVE-2024-58057",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58057"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n  improvement. The test consists of an antagonist process\n  (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n  process is run under `taskset 01` to bind it to CPU0, and its\n  priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n  `renice -n -20 ${pid}` after start.\n\n  Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n  to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n  Finally, `ktraces` for the workqueue events are collected.\n\n  Without the current patch, the antagonist process can force\n  arbitrary delays between `workqueue_queue_work` and\n  `workqueue_execute_start`, that in my tests were as high as\n  `30ms`. With the current patch applied, the workqueue can be\n  migrated to another unloaded CPU in the same node, and, keeping\n  everything else equal, the maximum delay I could see was `6us`.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58057",
          "url": "https://www.suse.com/security/cve/CVE-2024-58057"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238969 for CVE-2024-58057",
          "url": "https://bugzilla.suse.com/1238969"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58057"
    },
    {
      "cve": "CVE-2024-58058",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58058"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58058",
          "url": "https://www.suse.com/security/cve/CVE-2024-58058"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238979 for CVE-2024-58058",
          "url": "https://bugzilla.suse.com/1238979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58058"
    },
    {
      "cve": "CVE-2024-58061",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58061"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58061",
          "url": "https://www.suse.com/security/cve/CVE-2024-58061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238973 for CVE-2024-58061",
          "url": "https://bugzilla.suse.com/1238973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58061"
    },
    {
      "cve": "CVE-2024-58063",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58063"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58063",
          "url": "https://www.suse.com/security/cve/CVE-2024-58063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238984 for CVE-2024-58063",
          "url": "https://bugzilla.suse.com/1238984"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58063"
    },
    {
      "cve": "CVE-2024-58069",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58069"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58069",
          "url": "https://www.suse.com/security/cve/CVE-2024-58069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238978 for CVE-2024-58069",
          "url": "https://bugzilla.suse.com/1238978"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58069"
    },
    {
      "cve": "CVE-2024-58072",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58072"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58072",
          "url": "https://www.suse.com/security/cve/CVE-2024-58072"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238964 for CVE-2024-58072",
          "url": "https://bugzilla.suse.com/1238964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58072"
    },
    {
      "cve": "CVE-2024-58076",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58076"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n  [    3.388105] Call trace:\n  [    3.390664]  qcom_find_src_index+0x3c/0x70 (P)\n  [    3.395301]  qcom_find_src_index+0x1c/0x70 (L)\n  [    3.399934]  _freq_tbl_determine_rate+0x48/0x100\n  [    3.404753]  clk_rcg2_determine_rate+0x1c/0x28\n  [    3.409387]  clk_core_determine_round_nolock+0x58/0xe4\n  [    3.421414]  clk_core_round_rate_nolock+0x48/0xfc\n  [    3.432974]  clk_core_round_rate_nolock+0xd0/0xfc\n  [    3.444483]  clk_core_set_rate_nolock+0x8c/0x300\n  [    3.455886]  clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58076",
          "url": "https://www.suse.com/security/cve/CVE-2024-58076"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239037 for CVE-2024-58076",
          "url": "https://bugzilla.suse.com/1239037"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58076"
    },
    {
      "cve": "CVE-2024-58078",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58078"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58078",
          "url": "https://www.suse.com/security/cve/CVE-2024-58078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239034 for CVE-2024-58078",
          "url": "https://bugzilla.suse.com/1239034"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58078"
    },
    {
      "cve": "CVE-2024-58079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58079",
          "url": "https://www.suse.com/security/cve/CVE-2024-58079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239029 for CVE-2024-58079",
          "url": "https://bugzilla.suse.com/1239029"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58079"
    },
    {
      "cve": "CVE-2024-58080",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58080"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n  [    3.388105] Call trace:\n  [    3.390664]  qcom_find_src_index+0x3c/0x70 (P)\n  [    3.395301]  qcom_find_src_index+0x1c/0x70 (L)\n  [    3.399934]  _freq_tbl_determine_rate+0x48/0x100\n  [    3.404753]  clk_rcg2_determine_rate+0x1c/0x28\n  [    3.409387]  clk_core_determine_round_nolock+0x58/0xe4\n  [    3.421414]  clk_core_round_rate_nolock+0x48/0xfc\n  [    3.432974]  clk_core_round_rate_nolock+0xd0/0xfc\n  [    3.444483]  clk_core_set_rate_nolock+0x8c/0x300\n  [    3.455886]  clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58080",
          "url": "https://www.suse.com/security/cve/CVE-2024-58080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239027 for CVE-2024-58080",
          "url": "https://bugzilla.suse.com/1239027"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58080"
    },
    {
      "cve": "CVE-2024-58083",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58083"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu().  If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0.  Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum.  Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58083",
          "url": "https://www.suse.com/security/cve/CVE-2024-58083"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239036 for CVE-2024-58083",
          "url": "https://bugzilla.suse.com/1239036"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58083"
    },
    {
      "cve": "CVE-2024-58085",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58085"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58085",
          "url": "https://www.suse.com/security/cve/CVE-2024-58085"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239085 for CVE-2024-58085",
          "url": "https://bugzilla.suse.com/1239085"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58085"
    },
    {
      "cve": "CVE-2024-58086",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-58086"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-58086",
          "url": "https://www.suse.com/security/cve/CVE-2024-58086"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239038 for CVE-2024-58086",
          "url": "https://bugzilla.suse.com/1239038"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-58086"
    },
    {
      "cve": "CVE-2025-21631",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21631"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21631",
          "url": "https://www.suse.com/security/cve/CVE-2025-21631"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236099 for CVE-2025-21631",
          "url": "https://bugzilla.suse.com/1236099"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236100 for CVE-2025-21631",
          "url": "https://bugzilla.suse.com/1236100"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21631"
    },
    {
      "cve": "CVE-2025-21635",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21635"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n  from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n  (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n  syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21635",
          "url": "https://www.suse.com/security/cve/CVE-2025-21635"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236111 for CVE-2025-21635",
          "url": "https://bugzilla.suse.com/1236111"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21635"
    },
    {
      "cve": "CVE-2025-21659",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21659"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21659",
          "url": "https://www.suse.com/security/cve/CVE-2025-21659"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236206 for CVE-2025-21659",
          "url": "https://bugzilla.suse.com/1236206"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236207 for CVE-2025-21659",
          "url": "https://bugzilla.suse.com/1236207"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21659"
    },
    {
      "cve": "CVE-2025-21671",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21671"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL.  Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21671",
          "url": "https://www.suse.com/security/cve/CVE-2025-21671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1236692 for CVE-2025-21671",
          "url": "https://bugzilla.suse.com/1236692"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21671"
    },
    {
      "cve": "CVE-2025-21693",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21693"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout.  However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made.  Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us.  Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths.  Make sure\nthat acomp_ctx.req is NULL when the resources are freed.  In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated).  In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1].  This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock).  A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n  handling the race between the refcount dropping to zero in\n  zswap_[de]compress() and the refcount being re-initialized when the\n  CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n  that\u0027s discouraged and is a much bigger hammer than needed, and could\n  result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21693",
          "url": "https://www.suse.com/security/cve/CVE-2025-21693"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237029 for CVE-2025-21693",
          "url": "https://bugzilla.suse.com/1237029"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237047 for CVE-2025-21693",
          "url": "https://bugzilla.suse.com/1237047"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21693"
    },
    {
      "cve": "CVE-2025-21701",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21701"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n  DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n  WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n  CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n  RIP: 0010:__mutex_lock+0xc8a/0x1120\n  Call Trace:\n   \u003cTASK\u003e\n   ethtool_check_max_channel+0x1ea/0x880\n   ethnl_set_channels+0x3c3/0xb10\n   ethnl_default_set_doit+0x306/0x650\n   genl_family_rcv_msg_doit+0x1e3/0x2c0\n   genl_rcv_msg+0x432/0x6f0\n   netlink_rcv_skb+0x13d/0x3b0\n   genl_rcv+0x28/0x40\n   netlink_unicast+0x42e/0x720\n   netlink_sendmsg+0x765/0xc20\n   __sys_sendto+0x3ac/0x420\n   __x64_sys_sendto+0xe0/0x1c0\n   do_syscall_64+0x95/0x180\n   entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21701",
          "url": "https://www.suse.com/security/cve/CVE-2025-21701"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237164 for CVE-2025-21701",
          "url": "https://bugzilla.suse.com/1237164"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245805 for CVE-2025-21701",
          "url": "https://bugzilla.suse.com/1245805"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21701"
    },
    {
      "cve": "CVE-2025-21703",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21703"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21703",
          "url": "https://www.suse.com/security/cve/CVE-2025-21703"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237313 for CVE-2025-21703",
          "url": "https://bugzilla.suse.com/1237313"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245796 for CVE-2025-21703",
          "url": "https://bugzilla.suse.com/1245796"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21703"
    },
    {
      "cve": "CVE-2025-21704",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21704"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21704",
          "url": "https://www.suse.com/security/cve/CVE-2025-21704"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237571 for CVE-2025-21704",
          "url": "https://bugzilla.suse.com/1237571"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21704"
    },
    {
      "cve": "CVE-2025-21706",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21706"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n  WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n  WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n  WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n  WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n  Modules linked in:\n  CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n  Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n  RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n  RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n  RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n  RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n  Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n  RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n  RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n  RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n  RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n  R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n  R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n  FS:  00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n  Call Trace:\n   \u003cTASK\u003e\n   genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n   genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n   genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n   netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n   genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n   netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n   netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n   netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n   sock_sendmsg_nosec net/socket.c:711 [inline]\n   __sock_sendmsg+0x221/0x270 net/socket.c:726\n   ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n   ___sys_sendmsg net/socket.c:2637 [inline]\n   __sys_sendmsg+0x269/0x350 net/socket.c:2669\n   do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n   do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n   entry_SYSCALL_64_after_hwframe+0x77/0x7f\n  RIP: 0033:0x7f5fe8785d29\n  Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n  RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n  RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n  RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n  RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n  R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n  R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21706",
          "url": "https://www.suse.com/security/cve/CVE-2025-21706"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238528 for CVE-2025-21706",
          "url": "https://bugzilla.suse.com/1238528"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21706"
    },
    {
      "cve": "CVE-2025-21708",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21708"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS:  00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21708",
          "url": "https://www.suse.com/security/cve/CVE-2025-21708"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239087 for CVE-2025-21708",
          "url": "https://bugzilla.suse.com/1239087"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21708"
    },
    {
      "cve": "CVE-2025-21711",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21711"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21711",
          "url": "https://www.suse.com/security/cve/CVE-2025-21711"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239114 for CVE-2025-21711",
          "url": "https://bugzilla.suse.com/1239114"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21711"
    },
    {
      "cve": "CVE-2025-21714",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21714"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n   refcount_t: underflow; use-after-free.\n   WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n   Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n   CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n   Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n   Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n   RIP: 0010:refcount_warn_saturate+0x12b/0x130\n   Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n   RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n   RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n   RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n   RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n   R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n   R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n   FS:  0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n   CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n   CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n   DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n   DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n   Call Trace:\n    \u003cTASK\u003e\n    ? refcount_warn_saturate+0x12b/0x130\n    free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n    process_one_work+0x1cc/0x3c0\n    worker_thread+0x218/0x3c0\n    kthread+0xc6/0xf0\n    ret_from_fork+0x1f/0x30\n    \u003c/TASK\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21714",
          "url": "https://www.suse.com/security/cve/CVE-2025-21714"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237890 for CVE-2025-21714",
          "url": "https://bugzilla.suse.com/1237890"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21714"
    },
    {
      "cve": "CVE-2025-21718",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21718"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n  __dump_stack lib/dump_stack.c:94 [inline]\n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n  print_address_description mm/kasan/report.c:378 [inline]\n  print_report+0x169/0x550 mm/kasan/report.c:489\n  kasan_report+0x143/0x180 mm/kasan/report.c:602\n  rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n  call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n  expire_timers kernel/time/timer.c:1844 [inline]\n  __run_timers kernel/time/timer.c:2418 [inline]\n  __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n  run_timer_base kernel/time/timer.c:2439 [inline]\n  run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n  handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n  __do_softirq kernel/softirq.c:595 [inline]\n  invoke_softirq kernel/softirq.c:435 [inline]\n  __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n  irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n  instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n  sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21718",
          "url": "https://www.suse.com/security/cve/CVE-2025-21718"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239073 for CVE-2025-21718",
          "url": "https://bugzilla.suse.com/1239073"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239074 for CVE-2025-21718",
          "url": "https://bugzilla.suse.com/1239074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21718"
    },
    {
      "cve": "CVE-2025-21723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n  \u003cTASK\u003e\n  mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n  mpi3mr_remove+0x6f/0x340 [mpi3mr]\n  pci_device_remove+0x3f/0xb0\n  device_release_driver_internal+0x19d/0x220\n  unbind_store+0xa4/0xb0\n  kernfs_fop_write_iter+0x11f/0x200\n  vfs_write+0x1fc/0x3e0\n  ksys_write+0x67/0xe0\n  do_syscall_64+0x38/0x80\n  entry_SYSCALL_64_after_hwframe+0x78/0xe2",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21723",
          "url": "https://www.suse.com/security/cve/CVE-2025-21723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238864 for CVE-2025-21723",
          "url": "https://bugzilla.suse.com/1238864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21723"
    },
    {
      "cve": "CVE-2025-21726",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21726"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n  ...\n  padata_reorder\n    // processes all remaining\n    // requests then breaks\n    while (1) {\n      if (!padata)\n        break;\n      ...\n    }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t  // new request added\n\t\t\t\t  list_add\n    // sees the new request\n    queue_work(reorder_work)\n\t\t\t\t  padata_reorder\n\t\t\t\t    queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t  // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n  // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21726",
          "url": "https://www.suse.com/security/cve/CVE-2025-21726"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238865 for CVE-2025-21726",
          "url": "https://bugzilla.suse.com/1238865"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240837 for CVE-2025-21726",
          "url": "https://bugzilla.suse.com/1240837"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21726"
    },
    {
      "cve": "CVE-2025-21727",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21727"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21727",
          "url": "https://www.suse.com/security/cve/CVE-2025-21727"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237876 for CVE-2025-21727",
          "url": "https://bugzilla.suse.com/1237876"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21727"
    },
    {
      "cve": "CVE-2025-21731",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21731"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n  nbd_genl_disconnect\n   nbd_disconnect_and_put\n    nbd_disconnect\n     flush_workqueue(nbd-\u003erecv_workq)\n    if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n     nbd_config_put\n     -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n  nbd_genl_reconfigure\n   config = nbd_get_config_unlocked(nbd)\n   if (!config)\n   -\u003e succeed\n   if (!test_bit(NBD_RT_BOUND, ...))\n   -\u003e succeed\n   nbd_reconnect_socket\n    queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n  recv_work\n   nbd_config_put(nbd)\n   -\u003e nbd_config is freed\n   atomic_dec(\u0026config-\u003erecv_threads)\n   -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21731",
          "url": "https://www.suse.com/security/cve/CVE-2025-21731"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237881 for CVE-2025-21731",
          "url": "https://bugzilla.suse.com/1237881"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21731"
    },
    {
      "cve": "CVE-2025-21732",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21732"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n   causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope.  Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n   infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n   cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n   cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n   cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n   cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n   WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n   Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n   CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n   Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n   RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n   [..]\n   Call Trace:\n   \u003cTASK\u003e\n   mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n   mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n   __mmu_notifier_invalidate_range_start+0x1e1/0x240\n   zap_page_range_single+0xf1/0x1a0\n   madvise_vma_behavior+0x677/0x6e0\n   do_madvise+0x1a2/0x4b0\n   __x64_sys_madvise+0x25/0x30\n   do_syscall_64+0x6b/0x140\n   entry_SYSCALL_64_after_hwframe+0x76/0x7e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21732",
          "url": "https://www.suse.com/security/cve/CVE-2025-21732"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237877 for CVE-2025-21732",
          "url": "https://bugzilla.suse.com/1237877"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21732"
    },
    {
      "cve": "CVE-2025-21733",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21733"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS:  00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n  \u003cTASK\u003e\n  ? __warn.cold+0xb7/0x14d\n  ? tracepoint_add_func+0x3b6/0x3f0\n  ? report_bug+0xea/0x170\n  ? handle_bug+0x58/0x90\n  ? exc_invalid_op+0x17/0x70\n  ? asm_exc_invalid_op+0x1a/0x20\n  ? __pfx_trace_sched_migrate_callback+0x10/0x10\n  ? tracepoint_add_func+0x3b6/0x3f0\n  ? __pfx_trace_sched_migrate_callback+0x10/0x10\n  ? __pfx_trace_sched_migrate_callback+0x10/0x10\n  tracepoint_probe_register+0x78/0xb0\n  ? __pfx_trace_sched_migrate_callback+0x10/0x10\n  osnoise_workload_start+0x2b5/0x370\n  timerlat_tracer_init+0x76/0x1b0\n  tracing_set_tracer+0x244/0x400\n  tracing_set_trace_write+0xa0/0xe0\n  vfs_write+0xfc/0x570\n  ? do_sys_openat2+0x9c/0xe0\n  ksys_write+0x72/0xf0\n  do_syscall_64+0x79/0x1c0\n  entry_SYSCALL_64_after_hwframe+0x76/0x7e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21733",
          "url": "https://www.suse.com/security/cve/CVE-2025-21733"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238494 for CVE-2025-21733",
          "url": "https://bugzilla.suse.com/1238494"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21733"
    },
    {
      "cve": "CVE-2025-21734",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21734"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21734",
          "url": "https://www.suse.com/security/cve/CVE-2025-21734"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238734 for CVE-2025-21734",
          "url": "https://bugzilla.suse.com/1238734"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21734"
    },
    {
      "cve": "CVE-2025-21735",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21735"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network.  If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21735",
          "url": "https://www.suse.com/security/cve/CVE-2025-21735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238497 for CVE-2025-21735",
          "url": "https://bugzilla.suse.com/1238497"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21735"
    },
    {
      "cve": "CVE-2025-21736",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21736"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21736",
          "url": "https://www.suse.com/security/cve/CVE-2025-21736"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238715 for CVE-2025-21736",
          "url": "https://bugzilla.suse.com/1238715"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21736"
    },
    {
      "cve": "CVE-2025-21738",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21738"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21738",
          "url": "https://www.suse.com/security/cve/CVE-2025-21738"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238917 for CVE-2025-21738",
          "url": "https://bugzilla.suse.com/1238917"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21738"
    },
    {
      "cve": "CVE-2025-21739",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21739"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n  Call trace:\n   kfree+0x60/0x2d8 (P)\n   kvfree+0x44/0x60\n   blk_crypto_profile_destroy_callback+0x28/0x70\n   devm_action_release+0x1c/0x30\n   release_nodes+0x6c/0x108\n   devres_release_all+0x98/0x100\n   device_unbind_cleanup+0x20/0x70\n   really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n  platform-device probe\n    ufshcd_pltfrm_init()\n      ufshcd_alloc_host()\n        scsi_host_alloc()\n          allocation of struct ufs_hba\n          creation of scsi-host devices\n    devm_blk_crypto_profile_init()\n      devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n  ufshcd_dealloc_host()\n    scsi_host_put()\n      put_device(scsi-host)\n        release of struct ufs_hba\n  put_device(platform-device)\n    crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n    * the crypto profile and all other ufs_hba-owned resources are\n      destroyed before SCSI (as they\u0027ve been registered after)\n    * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n      side-effect\n    * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n      it\u0027s not needed anymore\n    * no future drivers using ufshcd_alloc_host() could ever forget\n      adding the cleanup",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21739",
          "url": "https://www.suse.com/security/cve/CVE-2025-21739"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238506 for CVE-2025-21739",
          "url": "https://bugzilla.suse.com/1238506"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21739"
    },
    {
      "cve": "CVE-2025-21741",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21741"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21741",
          "url": "https://www.suse.com/security/cve/CVE-2025-21741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238767 for CVE-2025-21741",
          "url": "https://bugzilla.suse.com/1238767"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21741"
    },
    {
      "cve": "CVE-2025-21742",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21742"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21742",
          "url": "https://www.suse.com/security/cve/CVE-2025-21742"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238771 for CVE-2025-21742",
          "url": "https://bugzilla.suse.com/1238771"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21742"
    },
    {
      "cve": "CVE-2025-21743",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21743"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21743",
          "url": "https://www.suse.com/security/cve/CVE-2025-21743"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238781 for CVE-2025-21743",
          "url": "https://bugzilla.suse.com/1238781"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21743"
    },
    {
      "cve": "CVE-2025-21744",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21744"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n  brcmf_detach()\n    brcmf_remove_interface()\n      brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n  brcmf_detach()\n    brcmf_proto_detach()\n      brcmf_proto_msgbuf_detach()\n        brcmf_flowring_detach()\n          brcmf_msgbuf_delete_flowring()\n            brcmf_msgbuf_remove_flowring()\n              brcmf_flowring_delete()\n                brcmf_get_ifp()\n                brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21744",
          "url": "https://www.suse.com/security/cve/CVE-2025-21744"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238903 for CVE-2025-21744",
          "url": "https://bugzilla.suse.com/1238903"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21744"
    },
    {
      "cve": "CVE-2025-21745",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21745"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21745",
          "url": "https://www.suse.com/security/cve/CVE-2025-21745"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238785 for CVE-2025-21745",
          "url": "https://bugzilla.suse.com/1238785"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21745"
    },
    {
      "cve": "CVE-2025-21749",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21749"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21749",
          "url": "https://www.suse.com/security/cve/CVE-2025-21749"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238904 for CVE-2025-21749",
          "url": "https://bugzilla.suse.com/1238904"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-21749"
    },
    {
      "cve": "CVE-2025-21750",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21750"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS:  00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21750",
          "url": "https://www.suse.com/security/cve/CVE-2025-21750"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238905 for CVE-2025-21750",
          "url": "https://bugzilla.suse.com/1238905"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21750"
    },
    {
      "cve": "CVE-2025-21753",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21753"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n   ==================================================================\n   BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n   Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n   CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n   Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n   Workqueue: events_unbound btrfs_async_reclaim_data_space\n   Call Trace:\n    \u003cTASK\u003e\n    __dump_stack lib/dump_stack.c:94 [inline]\n    dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n    print_address_description mm/kasan/report.c:378 [inline]\n    print_report+0x169/0x550 mm/kasan/report.c:489\n    kasan_report+0x143/0x180 mm/kasan/report.c:602\n    join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n    start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n    flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n    btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n    process_one_work kernel/workqueue.c:3236 [inline]\n    process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n    worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n    kthread+0x2f0/0x390 kernel/kthread.c:389\n    ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n    ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n    \u003c/TASK\u003e\n\n   Allocated by task 5315:\n    kasan_save_stack mm/kasan/common.c:47 [inline]\n    kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n    poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n    __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n    kasan_kmalloc include/linux/kasan.h:260 [inline]\n    __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n    kmalloc_noprof include/linux/slab.h:901 [inline]\n    join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n    start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n    btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n    lookup_open fs/namei.c:3649 [inline]\n    open_last_lookups fs/namei.c:3748 [inline]\n    path_openat+0x1c03/0x3590 fs/namei.c:3984\n    do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n    do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n    do_sys_open fs/open.c:1417 [inline]\n    __do_sys_creat fs/open.c:1495 [inline]\n    __se_sys_creat fs/open.c:1489 [inline]\n    __x64_sys_creat+0x123/0x170 fs/open.c:1489\n    do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n    do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n    entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n   Freed by task 5336:\n    kasan_save_stack mm/kasan/common.c:47 [inline]\n    kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n    kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n    poison_slab_object mm/kasan/common.c:247 [inline]\n    __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n    kasan_slab_free include/linux/kasan.h:233 [inline]\n    slab_free_hook mm/slub.c:2353 [inline]\n    slab_free mm/slub.c:4613 [inline]\n    kfree+0x196/0x430 mm/slub.c:4761\n    cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n    btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n    insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n    btrfs_balance+0x992/\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21753",
          "url": "https://www.suse.com/security/cve/CVE-2025-21753"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237875 for CVE-2025-21753",
          "url": "https://bugzilla.suse.com/1237875"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21753"
    },
    {
      "cve": "CVE-2025-21754",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21754"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n   ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n   FAULT_INJECTION: forcing a failure.\n   name failslab, interval 1, probability 0, space 0, times 1\n   CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n   Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n   Call Trace:\n    \u003cTASK\u003e\n    __dump_stack lib/dump_stack.c:94 [inline]\n    dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n    fail_dump lib/fault-inject.c:53 [inline]\n    should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n    should_failslab+0xac/0x100 mm/failslab.c:46\n    slab_pre_alloc_hook mm/slub.c:4072 [inline]\n    slab_alloc_node mm/slub.c:4148 [inline]\n    __do_kmalloc_node mm/slub.c:4297 [inline]\n    __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n    kmalloc_noprof include/linux/slab.h:905 [inline]\n    kzalloc_noprof include/linux/slab.h:1037 [inline]\n    btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n    reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n    check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n    do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n    btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n    find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n    find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n    btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n    btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n    btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n    btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n    iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n    __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n    btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n    btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n    btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n    do_iter_readv_writev+0x600/0x880\n    vfs_writev+0x376/0xba0 fs/read_write.c:1050\n    do_pwritev fs/read_write.c:1146 [inline]\n    __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n    __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n    do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n    do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n    entry_SYSCALL_64_after_hwframe+0x77/0x7f\n   RIP: 0033:0x7f1281f85d29\n   RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n   RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n   RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n   RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n   R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n   R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n    \u003c/TASK\u003e\n   BTRFS error (device loop0 state A): Transaction aborted (error -12)\n   BTRFS: error (device loop0 state A\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21754",
          "url": "https://www.suse.com/security/cve/CVE-2025-21754"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238496 for CVE-2025-21754",
          "url": "https://bugzilla.suse.com/1238496"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21754"
    },
    {
      "cve": "CVE-2025-21756",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21756"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n    1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n    2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n       sk was bound and moved to bound list (refcnt=1)\n    3. vsock_bind() assumes sk is in unbound list and before\n       __vsock_insert_bound(vsock_bound_sockets()) calls\n       __vsock_remove_bound() which does:\n           list_del_init(\u0026vsk-\u003ebound_table); // nop\n           sock_put(\u0026vsk-\u003esk);               // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21756",
          "url": "https://www.suse.com/security/cve/CVE-2025-21756"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238876 for CVE-2025-21756",
          "url": "https://bugzilla.suse.com/1238876"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245795 for CVE-2025-21756",
          "url": "https://bugzilla.suse.com/1245795"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21756"
    },
    {
      "cve": "CVE-2025-21759",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21759"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21759",
          "url": "https://www.suse.com/security/cve/CVE-2025-21759"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238738 for CVE-2025-21759",
          "url": "https://bugzilla.suse.com/1238738"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21759"
    },
    {
      "cve": "CVE-2025-21760",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21760"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21760",
          "url": "https://www.suse.com/security/cve/CVE-2025-21760"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238763 for CVE-2025-21760",
          "url": "https://bugzilla.suse.com/1238763"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21760"
    },
    {
      "cve": "CVE-2025-21761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21761",
          "url": "https://www.suse.com/security/cve/CVE-2025-21761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238775 for CVE-2025-21761",
          "url": "https://bugzilla.suse.com/1238775"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21761"
    },
    {
      "cve": "CVE-2025-21762",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21762"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21762",
          "url": "https://www.suse.com/security/cve/CVE-2025-21762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238780 for CVE-2025-21762",
          "url": "https://bugzilla.suse.com/1238780"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21762"
    },
    {
      "cve": "CVE-2025-21763",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21763"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21763",
          "url": "https://www.suse.com/security/cve/CVE-2025-21763"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237897 for CVE-2025-21763",
          "url": "https://bugzilla.suse.com/1237897"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21763"
    },
    {
      "cve": "CVE-2025-21764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21764",
          "url": "https://www.suse.com/security/cve/CVE-2025-21764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237885 for CVE-2025-21764",
          "url": "https://bugzilla.suse.com/1237885"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21764"
    },
    {
      "cve": "CVE-2025-21765",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21765"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21765",
          "url": "https://www.suse.com/security/cve/CVE-2025-21765"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1237906 for CVE-2025-21765",
          "url": "https://bugzilla.suse.com/1237906"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21765"
    },
    {
      "cve": "CVE-2025-21766",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21766"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21766",
          "url": "https://www.suse.com/security/cve/CVE-2025-21766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238754 for CVE-2025-21766",
          "url": "https://bugzilla.suse.com/1238754"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21766"
    },
    {
      "cve": "CVE-2025-21772",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21772"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n   preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n   (which results in partition table entries straddling sector boundaries),\n   bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n   termination - use strnlen() and strncmp() instead of strlen() and\n   strcmp().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21772",
          "url": "https://www.suse.com/security/cve/CVE-2025-21772"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238911 for CVE-2025-21772",
          "url": "https://bugzilla.suse.com/1238911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238912 for CVE-2025-21772",
          "url": "https://bugzilla.suse.com/1238912"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21772"
    },
    {
      "cve": "CVE-2025-21773",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21773"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21773",
          "url": "https://www.suse.com/security/cve/CVE-2025-21773"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238762 for CVE-2025-21773",
          "url": "https://bugzilla.suse.com/1238762"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21773"
    },
    {
      "cve": "CVE-2025-21775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21775",
          "url": "https://www.suse.com/security/cve/CVE-2025-21775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238501 for CVE-2025-21775",
          "url": "https://bugzilla.suse.com/1238501"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21775"
    },
    {
      "cve": "CVE-2025-21776",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21776"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21776",
          "url": "https://www.suse.com/security/cve/CVE-2025-21776"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238909 for CVE-2025-21776",
          "url": "https://bugzilla.suse.com/1238909"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21776"
    },
    {
      "cve": "CVE-2025-21779",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21779"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n  dump_stack+0xbe/0xfd\n  __kasan_report.cold+0x34/0x84\n  kasan_report+0x3a/0x50\n  __apic_accept_irq+0x3a/0x5c0\n  kvm_hv_send_ipi.isra.0+0x34e/0x820\n  kvm_hv_hypercall+0x8d9/0x9d0\n  kvm_emulate_hypercall+0x506/0x7e0\n  __vmx_handle_exit+0x283/0xb60\n  vmx_handle_exit+0x1d/0xd0\n  vcpu_enter_guest+0x16b0/0x24c0\n  vcpu_run+0xc0/0x550\n  kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n  kvm_vcpu_ioctl+0x413/0xb20\n  __se_sys_ioctl+0x111/0x160\n  do_syscal1_64+0x30/0x40\n  entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21779",
          "url": "https://www.suse.com/security/cve/CVE-2025-21779"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238768 for CVE-2025-21779",
          "url": "https://bugzilla.suse.com/1238768"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21779"
    },
    {
      "cve": "CVE-2025-21780",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21780"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21780",
          "url": "https://www.suse.com/security/cve/CVE-2025-21780"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239115 for CVE-2025-21780",
          "url": "https://bugzilla.suse.com/1239115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239116 for CVE-2025-21780",
          "url": "https://bugzilla.suse.com/1239116"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21780"
    },
    {
      "cve": "CVE-2025-21781",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21781"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21781",
          "url": "https://www.suse.com/security/cve/CVE-2025-21781"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238735 for CVE-2025-21781",
          "url": "https://bugzilla.suse.com/1238735"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21781"
    },
    {
      "cve": "CVE-2025-21782",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21782"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21782",
          "url": "https://www.suse.com/security/cve/CVE-2025-21782"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239117 for CVE-2025-21782",
          "url": "https://bugzilla.suse.com/1239117"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21782"
    },
    {
      "cve": "CVE-2025-21784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21784",
          "url": "https://www.suse.com/security/cve/CVE-2025-21784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238510 for CVE-2025-21784",
          "url": "https://bugzilla.suse.com/1238510"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21784"
    },
    {
      "cve": "CVE-2025-21785",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21785"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21785",
          "url": "https://www.suse.com/security/cve/CVE-2025-21785"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238747 for CVE-2025-21785",
          "url": "https://bugzilla.suse.com/1238747"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240745 for CVE-2025-21785",
          "url": "https://bugzilla.suse.com/1240745"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21785"
    },
    {
      "cve": "CVE-2025-21791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n  ip_send_skb()\n   ip_local_out()\n    __ip_local_out()\n     l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21791",
          "url": "https://www.suse.com/security/cve/CVE-2025-21791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238512 for CVE-2025-21791",
          "url": "https://bugzilla.suse.com/1238512"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240744 for CVE-2025-21791",
          "url": "https://bugzilla.suse.com/1240744"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-21791"
    },
    {
      "cve": "CVE-2025-21793",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21793"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21793",
          "url": "https://www.suse.com/security/cve/CVE-2025-21793"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238500 for CVE-2025-21793",
          "url": "https://bugzilla.suse.com/1238500"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21793"
    },
    {
      "cve": "CVE-2025-21794",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21794"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21794",
          "url": "https://www.suse.com/security/cve/CVE-2025-21794"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238502 for CVE-2025-21794",
          "url": "https://bugzilla.suse.com/1238502"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21794"
    },
    {
      "cve": "CVE-2025-21796",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21796"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS:  0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21796",
          "url": "https://www.suse.com/security/cve/CVE-2025-21796"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238716 for CVE-2025-21796",
          "url": "https://bugzilla.suse.com/1238716"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21796"
    },
    {
      "cve": "CVE-2025-21804",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21804"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n  $ cat /proc/iomem\n  30000000-37ffffff :\n  38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n  $ cat /proc/iomem\n  30000000-37ffffff : memory2\n  38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21804",
          "url": "https://www.suse.com/security/cve/CVE-2025-21804"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238736 for CVE-2025-21804",
          "url": "https://bugzilla.suse.com/1238736"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21804"
    },
    {
      "cve": "CVE-2025-21810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n  and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21810",
          "url": "https://www.suse.com/security/cve/CVE-2025-21810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238757 for CVE-2025-21810",
          "url": "https://bugzilla.suse.com/1238757"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21810"
    },
    {
      "cve": "CVE-2025-21815",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21815"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block().  The bogus compound_order can be any value\nbecause it is union with flags.  Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21815",
          "url": "https://www.suse.com/security/cve/CVE-2025-21815"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238474 for CVE-2025-21815",
          "url": "https://bugzilla.suse.com/1238474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21815"
    },
    {
      "cve": "CVE-2025-21819",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21819"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21819",
          "url": "https://www.suse.com/security/cve/CVE-2025-21819"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238994 for CVE-2025-21819",
          "url": "https://bugzilla.suse.com/1238994"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21819"
    },
    {
      "cve": "CVE-2025-21820",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21820"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0                      CPU 1\n========================== ============================\ncdns_uart_isr()            printk()\n  uart_port_lock(port)       console_lock()\n\t\t\t     cdns_uart_console_write()\n                               if (!port-\u003esysrq)\n                                 uart_port_lock(port)\n  uart_handle_break()\n    port-\u003esysrq = ...\n  uart_handle_sysrq_char()\n    printk()\n      console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21820",
          "url": "https://www.suse.com/security/cve/CVE-2025-21820"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238479 for CVE-2025-21820",
          "url": "https://bugzilla.suse.com/1238479"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21820"
    },
    {
      "cve": "CVE-2025-21821",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21821"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n    BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n    Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n    CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n    Hardware name: Nokia 770\n    Call trace:\n     unwind_backtrace from show_stack+0x10/0x14\n     show_stack from dump_stack_lvl+0x54/0x5c\n     dump_stack_lvl from __schedule_bug+0x50/0x70\n     __schedule_bug from __schedule+0x4d4/0x5bc\n     __schedule from schedule+0x34/0xa0\n     schedule from schedule_preempt_disabled+0xc/0x10\n     schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n     __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n     clk_prepare_lock from clk_set_rate+0x18/0x154\n     clk_set_rate from sossi_read_data+0x4c/0x168\n     sossi_read_data from hwa742_read_reg+0x5c/0x8c\n     hwa742_read_reg from send_frame_handler+0xfc/0x300\n     send_frame_handler from process_pending_requests+0x74/0xd0\n     process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n     lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n     __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n     handle_irq_event from handle_level_irq+0x9c/0x170\n     handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n     generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n     omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n     generic_handle_arch_irq from call_with_stack+0x1c/0x24\n     call_with_stack from __irq_svc+0x94/0xa8\n    Exception stack(0xc5255da0 to 0xc5255de8)\n    5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n    5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n    5de0: 60000013 ffffffff\n     __irq_svc from clk_prepare_lock+0x4c/0xe4\n     clk_prepare_lock from clk_get_rate+0x10/0x74\n     clk_get_rate from uwire_setup_transfer+0x40/0x180\n     uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n     spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n     spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n     __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n     __spi_sync from spi_sync+0x24/0x40\n     spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n     ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n     ads7846_irq from irq_thread_fn+0x1c/0x78\n     irq_thread_fn from irq_thread+0x120/0x228\n     irq_thread from kthread+0xc8/0xe8\n     kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21821",
          "url": "https://www.suse.com/security/cve/CVE-2025-21821"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239174 for CVE-2025-21821",
          "url": "https://bugzilla.suse.com/1239174"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21821"
    },
    {
      "cve": "CVE-2025-21823",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21823"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n  rtnl_lock held. But the code in the ELP metric worker also tries to use\n  rtnl_lock() - which will never return in this case. This also means that\n  cancel_work_sync would never return because it is waiting for the worker\n  to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n  currently done using the RCU specific methods. Which means that it is\n  possible to miss items when iterating over it without the associated\n  spinlock - a behaviour which is acceptable for a periodic metric check\n  but not for a cleanup routine (which must \"stop\" all still running\n  workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n  the RCU protected context, gathering the metric according to the new list\n  outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n  when the cancel_delayed_work_sync is called in the interface removal code\n  (which is called with the rtnl_lock held)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21823",
          "url": "https://www.suse.com/security/cve/CVE-2025-21823"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238475 for CVE-2025-21823",
          "url": "https://bugzilla.suse.com/1238475"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21823"
    },
    {
      "cve": "CVE-2025-21825",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21825"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n  BUG: scheduling while atomic: test_progs/676/0x00000003\n  3 locks held by test_progs/676:\n  #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n  #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n  #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n  Modules linked in: bpf_testmod(O)\n  Preemption disabled at:\n  [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n  CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n  Tainted: [W]=WARN, [O]=OOT_MODULE\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n  Call Trace:\n  \u003cTASK\u003e\n  dump_stack_lvl+0x57/0x70\n  dump_stack+0x10/0x20\n  __schedule_bug+0x120/0x170\n  __schedule+0x300c/0x4800\n  schedule_rtlock+0x37/0x60\n  rtlock_slowlock_locked+0x6d9/0x54c0\n  rt_spin_lock+0x168/0x230\n  hrtimer_cancel_wait_running+0xe9/0x1b0\n  hrtimer_cancel+0x24/0x30\n  bpf_timer_delete_work+0x1d/0x40\n  bpf_timer_cancel_and_free+0x5e/0x80\n  bpf_obj_free_fields+0x262/0x4a0\n  check_and_free_fields+0x1d0/0x280\n  htab_map_update_elem+0x7fc/0x1500\n  bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n  bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n  bpf_prog_test_run_syscall+0x322/0x830\n  __sys_bpf+0x135d/0x3ca0\n  __x64_sys_bpf+0x75/0xb0\n  x64_sys_call+0x1b5/0xa10\n  do_syscall_64+0x3b/0xc0\n  entry_SYSCALL_64_after_hwframe+0x4b/0x53\n  ...\n  \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n   cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21825",
          "url": "https://www.suse.com/security/cve/CVE-2025-21825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238971 for CVE-2025-21825",
          "url": "https://bugzilla.suse.com/1238971"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21825"
    },
    {
      "cve": "CVE-2025-21828",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21828"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21828",
          "url": "https://www.suse.com/security/cve/CVE-2025-21828"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238958 for CVE-2025-21828",
          "url": "https://bugzilla.suse.com/1238958"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21828"
    },
    {
      "cve": "CVE-2025-21829",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21829"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n  \u003cTASK\u003e\n  ? show_regs.cold+0x1a/0x1f\n  ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n  ? __warn+0x84/0xd0\n  ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n  ? report_bug+0x105/0x180\n  ? handle_bug+0x46/0x80\n  ? exc_invalid_op+0x19/0x70\n  ? asm_exc_invalid_op+0x1b/0x20\n  ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n  ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n  rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n  ib_destroy_qp_user+0x118/0x190 [ib_core]\n  rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n  rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n  rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n  process_one_work+0x21d/0x3f0\n  worker_thread+0x4a/0x3c0\n  ? process_one_work+0x3f0/0x3f0\n  kthread+0xf0/0x120\n  ? kthread_complete_and_exit+0x20/0x20\n  ret_from_fork+0x22/0x30\n  \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21829",
          "url": "https://www.suse.com/security/cve/CVE-2025-21829"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239030 for CVE-2025-21829",
          "url": "https://bugzilla.suse.com/1239030"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21829"
    },
    {
      "cve": "CVE-2025-21830",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21830"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21830",
          "url": "https://www.suse.com/security/cve/CVE-2025-21830"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239033 for CVE-2025-21830",
          "url": "https://bugzilla.suse.com/1239033"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21830"
    },
    {
      "cve": "CVE-2025-21831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3.  When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n  https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21831",
          "url": "https://www.suse.com/security/cve/CVE-2025-21831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239039 for CVE-2025-21831",
          "url": "https://bugzilla.suse.com/1239039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21831"
    },
    {
      "cve": "CVE-2025-21832",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21832"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21832",
          "url": "https://www.suse.com/security/cve/CVE-2025-21832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239105 for CVE-2025-21832",
          "url": "https://bugzilla.suse.com/1239105"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21832"
    },
    {
      "cve": "CVE-2025-21835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing.  But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21835",
          "url": "https://www.suse.com/security/cve/CVE-2025-21835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239068 for CVE-2025-21835",
          "url": "https://bugzilla.suse.com/1239068"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21835"
    },
    {
      "cve": "CVE-2025-21838",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21838"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n  device_del()\n    gadget_unbind_driver()\n      usb_gadget_disconnect_locked()\n        dwc3_gadget_pullup()\n\t  dwc3_gadget_soft_disconnect()\n\t    usb_gadget_set_state()\n\t      schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21838",
          "url": "https://www.suse.com/security/cve/CVE-2025-21838"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239065 for CVE-2025-21838",
          "url": "https://bugzilla.suse.com/1239065"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21838"
    },
    {
      "cve": "CVE-2025-21844",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21844"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21844",
          "url": "https://www.suse.com/security/cve/CVE-2025-21844"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239512 for CVE-2025-21844",
          "url": "https://bugzilla.suse.com/1239512"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21844"
    },
    {
      "cve": "CVE-2025-21846",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21846"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21846",
          "url": "https://www.suse.com/security/cve/CVE-2025-21846"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239508 for CVE-2025-21846",
          "url": "https://bugzilla.suse.com/1239508"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21846"
    },
    {
      "cve": "CVE-2025-21847",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21847"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21847",
          "url": "https://www.suse.com/security/cve/CVE-2025-21847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239471 for CVE-2025-21847",
          "url": "https://bugzilla.suse.com/1239471"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21847"
    },
    {
      "cve": "CVE-2025-21848",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21848"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21848",
          "url": "https://www.suse.com/security/cve/CVE-2025-21848"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239479 for CVE-2025-21848",
          "url": "https://bugzilla.suse.com/1239479"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21848"
    },
    {
      "cve": "CVE-2025-21850",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21850"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [  T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [  T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [  T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G        W          6.13.0-rc6 #232\n[ 2352.930438] [  T53909] Tainted: [W]=WARN\n[ 2352.930440] [  T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [  T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [  T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21850",
          "url": "https://www.suse.com/security/cve/CVE-2025-21850"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239477 for CVE-2025-21850",
          "url": "https://bugzilla.suse.com/1239477"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21850"
    },
    {
      "cve": "CVE-2025-21855",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21855"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n  belongs to the cache skbuff_head_cache of size 224\n==================================================================",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21855",
          "url": "https://www.suse.com/security/cve/CVE-2025-21855"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239484 for CVE-2025-21855",
          "url": "https://bugzilla.suse.com/1239484"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21855"
    },
    {
      "cve": "CVE-2025-21856",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21856"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21856",
          "url": "https://www.suse.com/security/cve/CVE-2025-21856"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239486 for CVE-2025-21856",
          "url": "https://bugzilla.suse.com/1239486"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21856"
    },
    {
      "cve": "CVE-2025-21857",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21857"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21857",
          "url": "https://www.suse.com/security/cve/CVE-2025-21857"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239478 for CVE-2025-21857",
          "url": "https://bugzilla.suse.com/1239478"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21857"
    },
    {
      "cve": "CVE-2025-21858",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21858"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21858",
          "url": "https://www.suse.com/security/cve/CVE-2025-21858"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239468 for CVE-2025-21858",
          "url": "https://bugzilla.suse.com/1239468"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21858"
    },
    {
      "cve": "CVE-2025-21859",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21859"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21859",
          "url": "https://www.suse.com/security/cve/CVE-2025-21859"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239467 for CVE-2025-21859",
          "url": "https://bugzilla.suse.com/1239467"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21859"
    },
    {
      "cve": "CVE-2025-21861",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21861"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio.  This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy.  Running\nthe hmm selftests:\n\n  # ./hmm-tests\n  ...\n  #  RUN           hmm.hmm_device_private.migrate ...\n  [  102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n  [  102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n  [  102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n  [  102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n  [  102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n  [  102.087230][T14893] ------------[ cut here ]------------\n  [  102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n  [  102.090478][T14893] Modules linked in:\n  [  102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n  [  102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n  [  102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n  [  102.096104][T14893] Code: ...\n  [  102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n  [  102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n  [  102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n  [  102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n  [  102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n  [  102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n  [  102.108830][T14893] FS:  00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n  [  102.110643][T14893] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  [  102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n  [  102.113478][T14893] PKRU: 55555554\n  [  102.114172][T14893] Call Trace:\n  [  102.114805][T14893]  \u003cTASK\u003e\n  [  102.115397][T14893]  ? folio_lruvec_lock_irqsave+0x10e/0x170\n  [  102.116547][T14893]  ? __warn.cold+0x110/0x210\n  [  102.117461][T14893]  ? folio_lruvec_lock_irqsave+0x10e/0x170\n  [  102.118667][T14893]  ? report_bug+0x1b9/0x320\n  [  102.119571][T14893]  ? handle_bug+0x54/0x90\n  [  102.120494][T14893]  ? exc_invalid_op+0x17/0x50\n  [  102.121433][T14893]  ? asm_exc_invalid_op+0x1a/0x20\n  [  102.122435][T14893]  ? __wake_up_klogd.part.0+0x76/0xd0\n  [  102.123506][T14893]  ? dump_page+0x4f/0x60\n  [  102.124352][T14893]  ? folio_lruvec_lock_irqsave+0x10e/0x170\n  [  102.125500][T14893]  folio_batch_move_lru+0xd4/0x200\n  [  102.126577][T14893]  ? __pfx_lru_add+0x10/0x10\n  [  102.127505][T14893]  __folio_batch_add_and_move+0x391/0x720\n  [  102.128633][T14893]  ? __pfx_lru_add+0x10/0x10\n  [  102.129550][T14893]  folio_putback_lru+0x16/0x80\n  [  102.130564][T14893]  migrate_device_finalize+0x9b/0x530\n  [  102.131640][T14893]  dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n  [  102.133047][T14893]  dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again.  So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21861",
          "url": "https://www.suse.com/security/cve/CVE-2025-21861"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239483 for CVE-2025-21861",
          "url": "https://bugzilla.suse.com/1239483"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21861"
    },
    {
      "cve": "CVE-2025-21862",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21862"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G            E     5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21862",
          "url": "https://www.suse.com/security/cve/CVE-2025-21862"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239474 for CVE-2025-21862",
          "url": "https://bugzilla.suse.com/1239474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21862"
    },
    {
      "cve": "CVE-2025-21864",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21864"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21864",
          "url": "https://www.suse.com/security/cve/CVE-2025-21864"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239482 for CVE-2025-21864",
          "url": "https://bugzilla.suse.com/1239482"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21864"
    },
    {
      "cve": "CVE-2025-21865",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21865"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n  1. cleanup_net() processes netns A and then B.\n\n  2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n     netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n  [ device B is not yet unlinked from netns B\n    as unregister_netdevice_many() has not been called. ]\n\n  3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n     netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G                T   6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS:  0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21865",
          "url": "https://www.suse.com/security/cve/CVE-2025-21865"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239481 for CVE-2025-21865",
          "url": "https://bugzilla.suse.com/1239481"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21865"
    },
    {
      "cve": "CVE-2025-21866",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21866"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n  BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n  Write of size 8 at addr f1000000 by task chronyd/1293\n\n  CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G        W          6.13.0-rc6-PMacG4 #2\n  Tainted: [W]=WARN\n  Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n  Call Trace:\n  [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n  [c24375b0] [c0504998] print_report+0xdc/0x504\n  [c2437610] [c050475c] kasan_report+0xf8/0x108\n  [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n  [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n  [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n  [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n  [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n  [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n  [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n  [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n  [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n  [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n  [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n  [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n  --- interrupt: c00 at 0x5a1274\n  NIP:  005a1274 LR: 006a3b3c CTR: 005296c8\n  REGS: c2437f40 TRAP: 0c00   Tainted: G        W           (6.13.0-rc6-PMacG4)\n  MSR:  0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e  CR: 24004422  XER: 00000000\n\n  GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n  GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n  GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n  GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n  NIP [005a1274] 0x5a1274\n  LR [006a3b3c] 0x6a3b3c\n  --- interrupt: c00\n\n  The buggy address belongs to the virtual mapping at\n   [f1000000, f1002000) created by:\n   text_area_cpu_up+0x20/0x190\n\n  The buggy address belongs to the physical page:\n  page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n  flags: 0x80000000(zone=2)\n  raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n  raw: 00000000\n  page dumped because: kasan: bad access detected\n\n  Memory state around the buggy address:\n   f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n   f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n  \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n             ^\n   f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n   f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n  ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21866",
          "url": "https://www.suse.com/security/cve/CVE-2025-21866"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1239473 for CVE-2025-21866",
          "url": "https://bugzilla.suse.com/1239473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21866"
    },
    {
      "cve": "CVE-2025-21869",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21869"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[   12.028126] ==================================================================\n[   12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[   12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[   12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G                T  6.13.0-P9-dirty #3\n[   12.028408] Tainted: [T]=RANDSTRUCT\n[   12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[   12.028500] Call Trace:\n[   12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[   12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[   12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[   12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[   12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[   12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[   12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[   12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[   12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[   12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[   12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[   12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[   12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[   12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[   12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[   12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[   12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[   12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[   12.029608] NIP:  00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[   12.029660] REGS: c000000008dbfe80 TRAP: 3000   Tainted: G                T   (6.13.0-P9-dirty)\n[   12.029735] MSR:  900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e  CR: 42004848  XER: 00000000\n[   12.029855] IRQMASK: 0\n               GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n               GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n               GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n               GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n               GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n               GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n               GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n               GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[   12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[   12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[   12.030405] --- interrupt: 3000\n[   12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21869",
          "url": "https://www.suse.com/security/cve/CVE-2025-21869"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240182 for CVE-2025-21869",
          "url": "https://bugzilla.suse.com/1240182"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21869"
    },
    {
      "cve": "CVE-2025-21870",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21870"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same  stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21870",
          "url": "https://www.suse.com/security/cve/CVE-2025-21870"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240191 for CVE-2025-21870",
          "url": "https://bugzilla.suse.com/1240191"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21870"
    },
    {
      "cve": "CVE-2025-21871",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21871"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21871",
          "url": "https://www.suse.com/security/cve/CVE-2025-21871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240183 for CVE-2025-21871",
          "url": "https://bugzilla.suse.com/1240183"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21871"
    },
    {
      "cve": "CVE-2025-21876",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21876"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n               other info that might help us debug this:\n               rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n  \u003cTASK\u003e\n  dump_stack_lvl+0xb7/0xd0\n  lockdep_rcu_suspicious+0x159/0x1f0\n  ? __pfx_enable_drhd_fault_handling+0x10/0x10\n  enable_drhd_fault_handling+0x151/0x180\n  cpuhp_invoke_callback+0x1df/0x990\n  cpuhp_thread_fun+0x1ea/0x2c0\n  smpboot_thread_fn+0x1f5/0x2e0\n  ? __pfx_smpboot_thread_fn+0x10/0x10\n  kthread+0x12a/0x2d0\n  ? __pfx_kthread+0x10/0x10\n  ret_from_fork+0x4a/0x60\n  ? __pfx_kthread+0x10/0x10\n  ret_from_fork_asm+0x1a/0x30\n  \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21876",
          "url": "https://www.suse.com/security/cve/CVE-2025-21876"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240179 for CVE-2025-21876",
          "url": "https://bugzilla.suse.com/1240179"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21876"
    },
    {
      "cve": "CVE-2025-21877",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21877"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21877",
          "url": "https://www.suse.com/security/cve/CVE-2025-21877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240172 for CVE-2025-21877",
          "url": "https://bugzilla.suse.com/1240172"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21877"
    },
    {
      "cve": "CVE-2025-21878",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21878"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[   28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[   28.183351] Modules linked in:\n[   28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[   28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[   28.208128] pc : __do_softirq+0xb0/0x368\n[   28.212055] lr : __do_softirq+0x70/0x368\n[   28.215972] sp : ffffff8035ebca00\n[   28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[   28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[   28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[   28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[   28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[   28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[   28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[   28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[   28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[   28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[   28.290611] Call trace:\n[   28.293052]  __do_softirq+0xb0/0x368\n[   28.296625]  __irq_exit_rcu+0xe0/0x100\n[   28.300374]  irq_exit+0x14/0x20\n[   28.303513]  handle_domain_irq+0x68/0x90\n[   28.307440]  gic_handle_irq+0x78/0xb0\n[   28.311098]  call_on_irq_stack+0x20/0x38\n[   28.315019]  do_interrupt_handler+0x54/0x5c\n[   28.319199]  el1_interrupt+0x2c/0x4c\n[   28.322777]  el1h_64_irq_handler+0x14/0x20\n[   28.326872]  el1h_64_irq+0x74/0x78\n[   28.330269]  __setup_irq+0x454/0x780\n[   28.333841]  request_threaded_irq+0xd0/0x1b4\n[   28.338107]  devm_request_threaded_irq+0x84/0x100\n[   28.342809]  npcm_i2c_probe_bus+0x188/0x3d0\n[   28.346990]  platform_probe+0x6c/0xc4\n[   28.350653]  really_probe+0xcc/0x45c\n[   28.354227]  __driver_probe_device+0x8c/0x160\n[   28.358578]  driver_probe_device+0x44/0xe0\n[   28.362670]  __driver_attach+0x124/0x1d0\n[   28.366589]  bus_for_each_dev+0x7c/0xe0\n[   28.370426]  driver_attach+0x28/0x30\n[   28.373997]  bus_add_driver+0x124/0x240\n[   28.377830]  driver_register+0x7c/0x124\n[   28.381662]  __platform_driver_register+0x2c/0x34\n[   28.386362]  npcm_i2c_init+0x3c/0x5c\n[   28.389937]  do_one_initcall+0x74/0x230\n[   28.393768]  kernel_init_freeable+0x24c/0x2b4\n[   28.398126]  kernel_init+0x28/0x130\n[   28.401614]  ret_from_fork+0x10/0x20\n[   28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[   28.411011] SMP: stopping secondary CPUs\n[   28.414933] Kernel Offset: disabled\n[   28.418412] CPU features: 0x00000000,00000802\n[   28.427644] Rebooting in 20 seconds..",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21878",
          "url": "https://www.suse.com/security/cve/CVE-2025-21878"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240192 for CVE-2025-21878",
          "url": "https://bugzilla.suse.com/1240192"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21878"
    },
    {
      "cve": "CVE-2025-21883",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21883"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n  devlink dev eswitch set $PF1_PCI mode switchdev\n  ip l s $PF1 up\n  ip l s $PF1 promisc on\n  sleep 1\n  echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n  sleep 1\n  echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n  list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n  kernel BUG at lib/list_debug.c:29!\n  RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n   ice_mbx_init_vf_info+0xa7/0x180 [ice]\n   ice_initialize_vf_entry+0x1fa/0x250 [ice]\n   ice_sriov_configure+0x8d7/0x1520 [ice]\n   ? __percpu_ref_switch_mode+0x1b1/0x5d0\n   ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n  BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21883",
          "url": "https://www.suse.com/security/cve/CVE-2025-21883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240189 for CVE-2025-21883",
          "url": "https://bugzilla.suse.com/1240189"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21883"
    },
    {
      "cve": "CVE-2025-21885",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21885"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[  549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[  566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[  566.393799]  \u003cTASK\u003e\n[  566.393807]  ? __die_body+0x1a/0x60\n[  566.393823]  ? die+0x38/0x60\n[  566.393835]  ? do_trap+0xe4/0x110\n[  566.393847]  ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[  566.393867]  ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[  566.393881]  ? do_error_trap+0x7c/0x120\n[  566.393890]  ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[  566.393911]  ? exc_divide_error+0x34/0x50\n[  566.393923]  ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[  566.393939]  ? asm_exc_divide_error+0x16/0x20\n[  566.393966]  ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[  566.393997]  bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[  566.394040]  bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[  566.394057]  ? srso_return_thunk+0x5/0x5f\n[  566.394068]  ? __init_swait_queue_head+0x4a/0x60\n[  566.394090]  ib_create_srq_user+0xa7/0x150 [ib_core]\n[  566.394147]  nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[  566.394174]  ? lock_release+0x22c/0x3f0\n[  566.394187]  ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21885",
          "url": "https://www.suse.com/security/cve/CVE-2025-21885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240169 for CVE-2025-21885",
          "url": "https://bugzilla.suse.com/1240169"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21885"
    },
    {
      "cve": "CVE-2025-21886",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21886"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3         state:D stack:0     pid:2157 tgid:2157  ppid:1685   flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21886",
          "url": "https://www.suse.com/security/cve/CVE-2025-21886"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240188 for CVE-2025-21886",
          "url": "https://bugzilla.suse.com/1240188"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21886"
    },
    {
      "cve": "CVE-2025-21888",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21888"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS:  00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21888",
          "url": "https://www.suse.com/security/cve/CVE-2025-21888"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240177 for CVE-2025-21888",
          "url": "https://bugzilla.suse.com/1240177"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21888"
    },
    {
      "cve": "CVE-2025-21890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[   69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[   69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[   69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S      W          6.14.0-smp-DEV #1697\n[   69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[   69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[   69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[   69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[   69.261687] ? report_bug (lib/bug.c:?)\n[   69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[   69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[   69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[   69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[   69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[   69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[   69.261712] __napi_poll (net/core/dev.c:7194)\n[   69.261716] net_rx_action (net/core/dev.c:7265)\n[   69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[   69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[   69.261726] handle_softirqs (kernel/softirq.c:561)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21890",
          "url": "https://www.suse.com/security/cve/CVE-2025-21890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240173 for CVE-2025-21890",
          "url": "https://bugzilla.suse.com/1240173"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21890"
    },
    {
      "cve": "CVE-2025-21891",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21891"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n  __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n  ipv6_addr_type include/net/ipv6.h:555 [inline]\n  ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n  ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n  ip6_route_output include/net/ip6_route.h:93 [inline]\n  ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n  ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n  ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n  ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n  ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n  ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n  __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n  netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n  xmit_one net/core/dev.c:3735 [inline]\n  dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n  sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n  qdisc_restart net/sched/sch_generic.c:408 [inline]\n  __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n  qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n  net_tx_action+0x78b/0x940 net/core/dev.c:5484\n  handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n  __do_softirq+0x14/0x1a kernel/softirq.c:595\n  do_softirq+0x9a/0x100 kernel/softirq.c:462\n  __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n  local_bh_enable include/linux/bottom_half.h:33 [inline]\n  rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n  __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n  dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n  packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n  packet_snd net/packet/af_packet.c:3132 [inline]\n  packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n  sock_sendmsg_nosec net/socket.c:718 [inline]",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21891",
          "url": "https://www.suse.com/security/cve/CVE-2025-21891"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240186 for CVE-2025-21891",
          "url": "https://bugzilla.suse.com/1240186"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21891"
    },
    {
      "cve": "CVE-2025-21892",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-21892"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G        W          6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0  pid:1922 tgid:1922  ppid:1369\n     flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n     0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n     00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n     0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n     000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n     00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n     0000000000000000\n\u003c/TASK\u003e",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
          "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
          "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
          "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-21892",
          "url": "https://www.suse.com/security/cve/CVE-2025-21892"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240175 for CVE-2025-21892",
          "url": "https://bugzilla.suse.com/1240175"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
            "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
            "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
            "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-04-08T16:32:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-21892"
    }
  ]
}