suse-su-2025:20498-1
Vulnerability from csaf_suse
Published
2025-07-18 12:21
Modified
2025-07-18 12:21
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes).
- Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert "kABI: ipv6: save dontfrag in cork (git-fixes)."
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- loop: add file_start_write() and file_end_write() (git-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in
add_pages(), to not increase max_pfn and trigger dma_addressing_limited()
bounce buffers (git-fixes).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-52
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).\n- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).\n- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).\n- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).\n- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).\n- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).\n- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).\n- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).\n- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).\n- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).\n- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).\n- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).\n- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).\n- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).\n- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).\n- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).\n- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).\n- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).\n- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).\n- CVE-2025-37938: tracing: Verify event formats that have \"%*p..\" (bsc#1243544).\n- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).\n- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).\n- CVE-2025-37992: net_sched: Flush gso_skb list too during -\u003echange() (bsc#1243698).\n- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).\n- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).\n- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).\n- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).\n- CVE-2025-38060: bpf: abort verification if env-\u003ecur_state-\u003eloop_entry != NULL (bsc#1245155).\n- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).\n- ACPI: battery: negate current when discharging (stable-fixes).\n- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).\n- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).\n- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).\n- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).\n- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).\n- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).\n- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).\n- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).\n- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).\n- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).\n- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).\n- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).\n- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).\n- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).\n- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).\n- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).\n- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).\n- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).\n- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).\n- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).\n- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).\n- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).\n- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).\n- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).\n- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).\n- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).\n- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).\n- Bluetooth: MGMT: Fix sparse errors (git-fixes).\n- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).\n- Bluetooth: Remove pending ACL connection attempts (stable-fixes).\n- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).\n- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).\n- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).\n- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).\n- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).\n- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).\n- HID: wacom: fix kobject reference count leak (git-fixes).\n- HID: wacom: fix memory leak on kobject creation failure (git-fixes).\n- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).\n- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).\n- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).\n- NFC: nci: uart: Set tty-\u003edisc_data only in success path (git-fixes).\n- PCI/DPC: Log Error Source ID only when valid (git-fixes).\n- PCI/DPC: Use defines with DPC reason fields (git-fixes).\n- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).\n- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).\n- PCI: apple: Set only available ports up (git-fixes).\n- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).\n- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).\n- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)\n- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)\n- Revert \"ALSA: usb-audio: Skip setting clock selector for single connections\" (stable-fixes).\n- Revert \"arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)\n- Revert \"kABI: ipv6: save dontfrag in cork (git-fixes).\"\n- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).\n- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)\n- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).\n- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).\n- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).\n- bnxt: properly flush XDP redirect lists (git-fixes).\n- bpf: Force uprobe bpf program to always return 0 (git-fixes).\n- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).\n- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).\n- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).\n- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).\n- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).\n- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).\n- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).\n- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).\n- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).\n- ceph: Fix incorrect flush end position calculation (git-fixes).\n- ceph: allocate sparse_ext map only for sparse reads (git-fixes).\n- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).\n- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).\n- clocksource: Fix brown-bag boolean thinko in (git-fixes)\n- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)\n- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).\n- devlink: fix port dump cmd type (git-fixes).\n- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).\n- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).\n- drm/etnaviv: Protect the scheduler\u0027s pending list with its lock (git-fixes).\n- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).\n- drm/i915: fix build error some more (git-fixes).\n- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).\n- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).\n- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).\n- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).\n- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).\n- fbcon: Make sure modelist not set on unregistered console (stable-fixes).\n- fgraph: Still initialize idle shadow stacks when starting (git-fixes).\n- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).\n- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).\n- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).\n- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).\n- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).\n- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).\n- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).\n- hwmon: (occ) fix unaligned accesses (git-fixes).\n- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).\n- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).\n- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).\n- i2c: npcm: Add clock toggle recovery (stable-fixes).\n- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).\n- i2c: tiny-usb: disable zero-length read messages (git-fixes).\n- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).\n- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).\n- ice: Fix LACP bonds without SRIOV environment (git-fixes).\n- ice: create new Tx scheduler nodes for new queues only (git-fixes).\n- ice: fix Tx scheduler error handling in XDP callback (git-fixes).\n- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).\n- ice: fix vf-\u003enum_mac count with port representors (git-fixes).\n- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).\n- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)\n- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)\n- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).\n- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- kabi: restore layout of struct cgroup_subsys (bsc#1241166).\n- kabi: restore layout of struct mem_control (jsc#PED-12551).\n- kabi: restore layout of struct page_counter (jsc#PED-12551).\n- loop: add file_start_write() and file_end_write() (git-fixes).\n- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).\n- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).\n- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).\n- mmc: Add quirk to disable DDR50 tuning (stable-fixes).\n- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).\n- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).\n- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).\n- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).\n- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).\n- net/mlx5: Fix return value when searching for existing flow group (git-fixes).\n- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).\n- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).\n- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).\n- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).\n- net: ice: Perform accurate aRFS flow match (git-fixes).\n- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).\n- net: mana: Record doorbell physical address in PF mode (bsc#1244229).\n- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)\n- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).\n- net_sched: prio: fix a race in prio_tune() (git-fixes).\n- net_sched: red: fix a race in __red_change() (git-fixes).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: reject invalid perturb period (git-fixes).\n- net_sched: tbf: fix a race in tbf_change() (git-fixes).\n- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).\n- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).\n- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).\n- ntp: Clamp maxerror and esterror to operating range (git-fixes)\n- ntp: Remove invalid cast in time offset math (git-fixes)\n- ntp: Safeguard against time_constant overflow (git-fixes)\n- nvme-fc: do not reference lsrsp after failure (bsc#1245193).\n- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).\n- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).\n- nvme-pci: add quirks for device 126f:1001 (git-fixes).\n- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).\n- nvme: fix command limits status code (git-fixes).\n- nvme: fix implicit bool to flags conversion (git-fixes).\n- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).\n- nvmet-fc: take tgtport refs for portentry (bsc#1245193).\n- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).\n- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).\n- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).\n- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).\n- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).\n- nvmet-fcloop: prevent double port deletion (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).\n- nvmet-fcloop: remove nport from list on last user (bsc#1245193).\n- nvmet-fcloop: track ref counts for nports (bsc#1245193).\n- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).\n- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).\n- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).\n- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).\n- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).\n- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).\n- platform/x86: dell_rbu: Fix list usage (git-fixes).\n- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).\n- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).\n- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).\n- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).\n- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- ptp: remove ptp-\u003en_vclocks check logic in ptp_vclock_in_use() (git-fixes).\n- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).\n- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).\n- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)\n- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).\n- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).\n- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).\n- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).\n- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).\n- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).\n- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).\n- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).\n- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).\n- scsi: mpi3mr: Add level check to control event logging (git-fixes).\n- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).\n- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).\n- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).\n- scsi: st: ERASE does not change tape location (git-fixes).\n- scsi: st: Restore some drive settings after reset (git-fixes).\n- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).\n- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).\n- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).\n- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).\n- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).\n- struct usci: hide additional member (git-fixes).\n- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).\n- thunderbolt: Do not double dequeue a configuration request (stable-fixes).\n- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)\n- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).\n- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).\n- tracing: Add __print_dynamic_array() helper (bsc#1243544).\n- tracing: Add __string_len() example (bsc#1243544).\n- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).\n- tracing: Fix compilation warning on arm32 (bsc#1243551).\n- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).\n- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).\n- ucsi_debugfs_entry: hide signedness change (git-fixes).\n- uprobes: Use kzalloc to allocate xol area (git-fixes).\n- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).\n- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).\n- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).\n- usb: typec: ucsi: Only enable supported notifications (git-fixes).\n- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).\n- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).\n- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).\n- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).\n- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).\n- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).\n- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).\n- vmxnet3: update MTU after device quiesce (bsc#1244626).\n- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).\n- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).\n- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).\n- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).\n- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).\n- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).\n- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).\n- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).\n- wifi: ath11k: do not wait when there is no vdev started (git-fixes).\n- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).\n- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).\n- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).\n- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).\n- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).\n- wifi: ath12k: fix a possible dead lock caused by ab-\u003ebase_lock (stable-fixes).\n- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).\n- wifi: ath12k: fix incorrect CE addresses (stable-fixes).\n- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).\n- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).\n- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).\n- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).\n- wifi: iwlwifi: pcie: make sure to lock rxq-\u003eread (stable-fixes).\n- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).\n- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).\n- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).\n- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).\n- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).\n- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).\n- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).\n- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).\n- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).\n- x86/microcode/AMD: Add get_patch_level() (git-fixes).\n- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).\n- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).\n- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).\n- x86/microcode: Consolidate the loader enablement checking (git-fixes).\n- x86/mm/init: Handle the special case of device private pages in\n add_pages(), to not increase max_pfn and trigger dma_addressing_limited()\n bounce buffers (git-fixes).\n- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).\n- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)\n- xen/x86: fix initial memory balloon target (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-52",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20498-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20498-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520498-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20498-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040923.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210025",
"url": "https://bugzilla.suse.com/1210025"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1223008",
"url": "https://bugzilla.suse.com/1223008"
},
{
"category": "self",
"summary": "SUSE Bug 1235490",
"url": "https://bugzilla.suse.com/1235490"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237913",
"url": "https://bugzilla.suse.com/1237913"
},
{
"category": "self",
"summary": "SUSE Bug 1238859",
"url": "https://bugzilla.suse.com/1238859"
},
{
"category": "self",
"summary": "SUSE Bug 1238982",
"url": "https://bugzilla.suse.com/1238982"
},
{
"category": "self",
"summary": "SUSE Bug 1240577",
"url": "https://bugzilla.suse.com/1240577"
},
{
"category": "self",
"summary": "SUSE Bug 1240610",
"url": "https://bugzilla.suse.com/1240610"
},
{
"category": "self",
"summary": "SUSE Bug 1240686",
"url": "https://bugzilla.suse.com/1240686"
},
{
"category": "self",
"summary": "SUSE Bug 1240814",
"url": "https://bugzilla.suse.com/1240814"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241278",
"url": "https://bugzilla.suse.com/1241278"
},
{
"category": "self",
"summary": "SUSE Bug 1241414",
"url": "https://bugzilla.suse.com/1241414"
},
{
"category": "self",
"summary": "SUSE Bug 1241544",
"url": "https://bugzilla.suse.com/1241544"
},
{
"category": "self",
"summary": "SUSE Bug 1241572",
"url": "https://bugzilla.suse.com/1241572"
},
{
"category": "self",
"summary": "SUSE Bug 1241592",
"url": "https://bugzilla.suse.com/1241592"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242515",
"url": "https://bugzilla.suse.com/1242515"
},
{
"category": "self",
"summary": "SUSE Bug 1242521",
"url": "https://bugzilla.suse.com/1242521"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242725",
"url": "https://bugzilla.suse.com/1242725"
},
{
"category": "self",
"summary": "SUSE Bug 1242907",
"url": "https://bugzilla.suse.com/1242907"
},
{
"category": "self",
"summary": "SUSE Bug 1243051",
"url": "https://bugzilla.suse.com/1243051"
},
{
"category": "self",
"summary": "SUSE Bug 1243060",
"url": "https://bugzilla.suse.com/1243060"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243467",
"url": "https://bugzilla.suse.com/1243467"
},
{
"category": "self",
"summary": "SUSE Bug 1243480",
"url": "https://bugzilla.suse.com/1243480"
},
{
"category": "self",
"summary": "SUSE Bug 1243506",
"url": "https://bugzilla.suse.com/1243506"
},
{
"category": "self",
"summary": "SUSE Bug 1243523",
"url": "https://bugzilla.suse.com/1243523"
},
{
"category": "self",
"summary": "SUSE Bug 1243538",
"url": "https://bugzilla.suse.com/1243538"
},
{
"category": "self",
"summary": "SUSE Bug 1243544",
"url": "https://bugzilla.suse.com/1243544"
},
{
"category": "self",
"summary": "SUSE Bug 1243551",
"url": "https://bugzilla.suse.com/1243551"
},
{
"category": "self",
"summary": "SUSE Bug 1243620",
"url": "https://bugzilla.suse.com/1243620"
},
{
"category": "self",
"summary": "SUSE Bug 1243698",
"url": "https://bugzilla.suse.com/1243698"
},
{
"category": "self",
"summary": "SUSE Bug 1243774",
"url": "https://bugzilla.suse.com/1243774"
},
{
"category": "self",
"summary": "SUSE Bug 1243823",
"url": "https://bugzilla.suse.com/1243823"
},
{
"category": "self",
"summary": "SUSE Bug 1243827",
"url": "https://bugzilla.suse.com/1243827"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1243847",
"url": "https://bugzilla.suse.com/1243847"
},
{
"category": "self",
"summary": "SUSE Bug 1244100",
"url": "https://bugzilla.suse.com/1244100"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244172",
"url": "https://bugzilla.suse.com/1244172"
},
{
"category": "self",
"summary": "SUSE Bug 1244176",
"url": "https://bugzilla.suse.com/1244176"
},
{
"category": "self",
"summary": "SUSE Bug 1244229",
"url": "https://bugzilla.suse.com/1244229"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244274",
"url": "https://bugzilla.suse.com/1244274"
},
{
"category": "self",
"summary": "SUSE Bug 1244275",
"url": "https://bugzilla.suse.com/1244275"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244313",
"url": "https://bugzilla.suse.com/1244313"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244626",
"url": "https://bugzilla.suse.com/1244626"
},
{
"category": "self",
"summary": "SUSE Bug 1244725",
"url": "https://bugzilla.suse.com/1244725"
},
{
"category": "self",
"summary": "SUSE Bug 1244727",
"url": "https://bugzilla.suse.com/1244727"
},
{
"category": "self",
"summary": "SUSE Bug 1244729",
"url": "https://bugzilla.suse.com/1244729"
},
{
"category": "self",
"summary": "SUSE Bug 1244731",
"url": "https://bugzilla.suse.com/1244731"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244736",
"url": "https://bugzilla.suse.com/1244736"
},
{
"category": "self",
"summary": "SUSE Bug 1244737",
"url": "https://bugzilla.suse.com/1244737"
},
{
"category": "self",
"summary": "SUSE Bug 1244738",
"url": "https://bugzilla.suse.com/1244738"
},
{
"category": "self",
"summary": "SUSE Bug 1244739",
"url": "https://bugzilla.suse.com/1244739"
},
{
"category": "self",
"summary": "SUSE Bug 1244743",
"url": "https://bugzilla.suse.com/1244743"
},
{
"category": "self",
"summary": "SUSE Bug 1244746",
"url": "https://bugzilla.suse.com/1244746"
},
{
"category": "self",
"summary": "SUSE Bug 1244759",
"url": "https://bugzilla.suse.com/1244759"
},
{
"category": "self",
"summary": "SUSE Bug 1244789",
"url": "https://bugzilla.suse.com/1244789"
},
{
"category": "self",
"summary": "SUSE Bug 1244862",
"url": "https://bugzilla.suse.com/1244862"
},
{
"category": "self",
"summary": "SUSE Bug 1244906",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "self",
"summary": "SUSE Bug 1244938",
"url": "https://bugzilla.suse.com/1244938"
},
{
"category": "self",
"summary": "SUSE Bug 1244995",
"url": "https://bugzilla.suse.com/1244995"
},
{
"category": "self",
"summary": "SUSE Bug 1244996",
"url": "https://bugzilla.suse.com/1244996"
},
{
"category": "self",
"summary": "SUSE Bug 1244999",
"url": "https://bugzilla.suse.com/1244999"
},
{
"category": "self",
"summary": "SUSE Bug 1245001",
"url": "https://bugzilla.suse.com/1245001"
},
{
"category": "self",
"summary": "SUSE Bug 1245003",
"url": "https://bugzilla.suse.com/1245003"
},
{
"category": "self",
"summary": "SUSE Bug 1245004",
"url": "https://bugzilla.suse.com/1245004"
},
{
"category": "self",
"summary": "SUSE Bug 1245025",
"url": "https://bugzilla.suse.com/1245025"
},
{
"category": "self",
"summary": "SUSE Bug 1245042",
"url": "https://bugzilla.suse.com/1245042"
},
{
"category": "self",
"summary": "SUSE Bug 1245046",
"url": "https://bugzilla.suse.com/1245046"
},
{
"category": "self",
"summary": "SUSE Bug 1245078",
"url": "https://bugzilla.suse.com/1245078"
},
{
"category": "self",
"summary": "SUSE Bug 1245081",
"url": "https://bugzilla.suse.com/1245081"
},
{
"category": "self",
"summary": "SUSE Bug 1245082",
"url": "https://bugzilla.suse.com/1245082"
},
{
"category": "self",
"summary": "SUSE Bug 1245083",
"url": "https://bugzilla.suse.com/1245083"
},
{
"category": "self",
"summary": "SUSE Bug 1245155",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245193",
"url": "https://bugzilla.suse.com/1245193"
},
{
"category": "self",
"summary": "SUSE Bug 1245210",
"url": "https://bugzilla.suse.com/1245210"
},
{
"category": "self",
"summary": "SUSE Bug 1245217",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "self",
"summary": "SUSE Bug 1245225",
"url": "https://bugzilla.suse.com/1245225"
},
{
"category": "self",
"summary": "SUSE Bug 1245226",
"url": "https://bugzilla.suse.com/1245226"
},
{
"category": "self",
"summary": "SUSE Bug 1245228",
"url": "https://bugzilla.suse.com/1245228"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56699 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58053 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21658 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21898 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21899 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37757 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37786 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37921 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37946 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37994 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38024 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38031 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38040 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38059 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38068 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38072 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-18T12:21:16Z",
"generator": {
"date": "2025-07-18T12:21:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20498-1",
"initial_release_date": "2025-07-18T12:21:16Z",
"revision_history": [
{
"date": "2025-07-18T12:21:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-34.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-34.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-34.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-34.1.noarch",
"product_id": "kernel-source-rt-6.4.0-34.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-34.1.x86_64",
"product_id": "kernel-rt-6.4.0-34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-34.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-34.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-26831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: Fix handshake_req_destroy_test1\n\nRecently, handshake_req_destroy_test1 started failing:\n\nExpected handshake_req_destroy_test == req, but\n handshake_req_destroy_test == 0000000000000000\n req == 0000000060f99b40\nnot ok 11 req_destroy works\n\nThis is because \"sock_release(sock)\" was replaced with \"fput(filp)\"\nto address a memory leak. Note that sock_release() is synchronous\nbut fput() usually delays the final close and clean-up.\n\nThe delay is not consequential in the other cases that were changed\nbut handshake_req_destroy_test1 is testing that handshake_req_cancel()\nfollowed by closing the file actually does call the -\u003ehp_destroy\nmethod. Thus the PTR_EQ test at the end has to be sure that the\nfinal close is complete before it checks the pointer.\n\nWe cannot use a completion here because if -\u003ehp_destroy is never\ncalled (ie, there is an API bug) then the test will hang.\n\nReported by: Guenter Roeck \u003clinux@roeck-us.net\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26831",
"url": "https://www.suse.com/security/cve/CVE-2024-26831"
},
{
"category": "external",
"summary": "SUSE Bug 1223008 for CVE-2024-26831",
"url": "https://bugzilla.suse.com/1223008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26831"
},
{
"cve": "CVE-2024-56613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma-\u003enumab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n Running with 20*40 (== 800) tasks.\n\n # dmesg | grep kmemleak\n ...\n kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n # cat /sys/kernel/debug/kmemleak\n unreferenced object 0xffff888cd8ca2c40 (size 64):\n comm \"hackbench\", pid 17142, jiffies 4299780315\n hex dump (first 32 bytes):\n ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00 .tI.....L.I.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc bff18fd4):\n [\u003cffffffff81419a89\u003e] __kmalloc_cache_noprof+0x2f9/0x3f0\n [\u003cffffffff8113f715\u003e] task_numa_work+0x725/0xa00\n [\u003cffffffff8110f878\u003e] task_work_run+0x58/0x90\n [\u003cffffffff81ddd9f8\u003e] syscall_exit_to_user_mode+0x1c8/0x1e0\n [\u003cffffffff81dd78d5\u003e] do_syscall_64+0x85/0x150\n [\u003cffffffff81e0012b\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\nThis issue can be consistently reproduced on three different servers:\n * a 448-core server\n * a 256-core server\n * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument \u0027thread\u0027), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma-\u003enumab_state is NULL at the same time, vma-\u003enumab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle \u0027numa_scan_period\u0027, there might be a chance for another thread\nto enter in the next \u0027numa_scan_period\u0027 while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma-\u003enumab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56613",
"url": "https://www.suse.com/security/cve/CVE-2024-56613"
},
{
"category": "external",
"summary": "SUSE Bug 1244176 for CVE-2024-56613",
"url": "https://bugzilla.suse.com/1244176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "low"
}
],
"title": "CVE-2024-56613"
},
{
"cve": "CVE-2024-56699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix potential double remove of hotplug slot\n\nIn commit 6ee600bfbe0f (\"s390/pci: remove hotplug slot when releasing the\ndevice\") the zpci_exit_slot() was moved from zpci_device_reserved() to\nzpci_release_device() with the intention of keeping the hotplug slot\naround until the device is actually removed.\n\nNow zpci_release_device() is only called once all references are\ndropped. Since the zPCI subsystem only drops its reference once the\ndevice is in the reserved state it follows that zpci_release_device()\nmust only deal with devices in the reserved state. Despite that it\ncontains code to tear down from both configured and standby state. For\nthe standby case this already includes the removal of the hotplug slot\nso would cause a double removal if a device was ever removed in\neither configured or standby state.\n\nInstead of causing a potential double removal in a case that should\nnever happen explicitly WARN_ON() if a device in non-reserved state is\nreleased and get rid of the dead code cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56699",
"url": "https://www.suse.com/security/cve/CVE-2024-56699"
},
{
"category": "external",
"summary": "SUSE Bug 1235490 for CVE-2024-56699",
"url": "https://bugzilla.suse.com/1235490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-56699"
},
{
"cve": "CVE-2024-57982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: state: fix out-of-bounds read during lookup\n\nlookup and resize can run in parallel.\n\nThe xfrm_state_hash_generation seqlock ensures a retry, but the hash\nfunctions can observe a hmask value that is too large for the new hlist\narray.\n\nrehash does:\n rcu_assign_pointer(net-\u003exfrm.state_bydst, ndst) [..]\n net-\u003exfrm.state_hmask = nhashmask;\n\nWhile state lookup does:\n h = xfrm_dst_hash(net, daddr, saddr, tmpl-\u003ereqid, encap_family);\n hlist_for_each_entry_rcu(x, net-\u003exfrm.state_bydst + h, bydst) {\n\nThis is only safe in case the update to state_bydst is larger than\nnet-\u003exfrm.xfrm_state_hmask (or if the lookup function gets\nserialized via state spinlock again).\n\nFix this by prefetching state_hmask and the associated pointers.\nThe xfrm_state_hash_generation seqlock retry will ensure that the pointer\nand the hmask will be consistent.\n\nThe existing helpers, like xfrm_dst_hash(), are now unsafe for RCU side,\nadd lockdep assertions to document that they are only safe for insert\nside.\n\nxfrm_state_lookup_byaddr() uses the spinlock rather than RCU.\nAFAICS this is an oversight from back when state lookup was converted to\nRCU, this lock should be replaced with RCU in a future patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57982",
"url": "https://www.suse.com/security/cve/CVE-2024-57982"
},
{
"category": "external",
"summary": "SUSE Bug 1237913 for CVE-2024-57982",
"url": "https://bugzilla.suse.com/1237913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-57982"
},
{
"cve": "CVE-2024-58053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix handling of received connection abort\n\nFix the handling of a connection abort that we\u0027ve received. Though the\nabort is at the connection level, it needs propagating to the calls on that\nconnection. Whilst the propagation bit is performed, the calls aren\u0027t then\nwoken up to go and process their termination, and as no further input is\nforthcoming, they just hang.\n\nAlso add some tracing for the logging of connection aborts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58053",
"url": "https://www.suse.com/security/cve/CVE-2024-58053"
},
{
"category": "external",
"summary": "SUSE Bug 1238982 for CVE-2024-58053",
"url": "https://bugzilla.suse.com/1238982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-58053"
},
{
"cve": "CVE-2025-21658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid extent tree\n\n[BUG]\nSyzbot reported a crash with the following call trace:\n\n BTRFS info (device loop0): scrub: started on devid 1\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G O 6.13.0-rc4-custom+ #206\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]\n scrub_simple_mirror+0x175/0x260 [btrfs]\n scrub_stripe+0x5d4/0x6c0 [btrfs]\n scrub_chunk+0xbb/0x170 [btrfs]\n scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]\n btrfs_scrub_dev+0x240/0x600 [btrfs]\n btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]\n ? do_sys_openat2+0xa5/0xf0\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n[CAUSE]\nThe reproducer is using a corrupted image where extent tree root is\ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the\nimage.\n\nThen it triggered a scrub, but since scrub relies on extent tree to find\nwhere the data/metadata extents are, scrub_find_fill_first_stripe()\nrelies on an non-empty extent root.\n\nBut unfortunately scrub_find_fill_first_stripe() doesn\u0027t really expect\nan NULL pointer for extent root, it use extent_root to grab fs_info and\ntriggered a NULL pointer dereference.\n\n[FIX]\nAdd an extra check for a valid extent root at the beginning of\nscrub_find_fill_first_stripe().\n\nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce\nmount option rescue=ignorebadroots\"), but that\u0027s pretty old, and later\ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill\nsector info for a scrub_stripe\") changed how we do scrub.\n\nSo for kernels older than 6.6, the fix will need manual backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21658",
"url": "https://www.suse.com/security/cve/CVE-2025-21658"
},
{
"category": "external",
"summary": "SUSE Bug 1236208 for CVE-2025-21658",
"url": "https://bugzilla.suse.com/1236208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21658"
},
{
"cve": "CVE-2025-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete intermediate secpath entry in packet offload mode\n\nPackets handled by hardware have added secpath as a way to inform XFRM\ncore code that this path was already handled. That secpath is not needed\nat all after policy is checked and it is removed later in the stack.\n\nHowever, in the case of IP forwarding is enabled (/proc/sys/net/ipv4/ip_forward),\nthat secpath is not removed and packets which already were handled are reentered\nto the driver TX path with xfrm_offload set.\n\nThe following kernel panic is observed in mlx5 in such case:\n\n mlx5_core 0000:04:00.0 enp4s0f0np0: Link up\n mlx5_core 0000:04:00.1 enp4s0f1np1: Link up\n Initializing XFRM netlink socket\n IPsec XFRM device driver\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor instruction fetch in kernel mode\n #PF: error_code(0x0010) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0010 [#1] PREEMPT SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-alex #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n RSP: 0018:ffffb87380003800 EFLAGS: 00010206\n RAX: ffff8df004e02600 RBX: ffffb873800038d8 RCX: 00000000ffff98cf\n RDX: ffff8df00733e108 RSI: ffff8df00521fb80 RDI: ffff8df001661f00\n RBP: ffffb87380003850 R08: ffff8df013980000 R09: 0000000000000010\n R10: 0000000000000002 R11: 0000000000000002 R12: ffff8df001661f00\n R13: ffff8df00521fb80 R14: ffff8df00733e108 R15: ffff8df011faf04e\n FS: 0000000000000000(0000) GS:ffff8df46b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000106384000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n ? show_regs+0x63/0x70\n ? __die_body+0x20/0x60\n ? __die+0x2b/0x40\n ? page_fault_oops+0x15c/0x550\n ? do_user_addr_fault+0x3ed/0x870\n ? exc_page_fault+0x7f/0x190\n ? asm_exc_page_fault+0x27/0x30\n mlx5e_ipsec_handle_tx_skb+0xe7/0x2f0 [mlx5_core]\n mlx5e_xmit+0x58e/0x1980 [mlx5_core]\n ? __fib_lookup+0x6a/0xb0\n dev_hard_start_xmit+0x82/0x1d0\n sch_direct_xmit+0xfe/0x390\n __dev_queue_xmit+0x6d8/0xee0\n ? __fib_lookup+0x6a/0xb0\n ? internal_add_timer+0x48/0x70\n ? mod_timer+0xe2/0x2b0\n neigh_resolve_output+0x115/0x1b0\n __neigh_update+0x26a/0xc50\n neigh_update+0x14/0x20\n arp_process+0x2cb/0x8e0\n ? __napi_build_skb+0x5e/0x70\n arp_rcv+0x11e/0x1c0\n ? dev_gro_receive+0x574/0x820\n __netif_receive_skb_list_core+0x1cf/0x1f0\n netif_receive_skb_list_internal+0x183/0x2a0\n napi_complete_done+0x76/0x1c0\n mlx5e_napi_poll+0x234/0x7a0 [mlx5_core]\n __napi_poll+0x2d/0x1f0\n net_rx_action+0x1a6/0x370\n ? atomic_notifier_call_chain+0x3b/0x50\n ? irq_int_handler+0x15/0x20 [mlx5_core]\n handle_softirqs+0xb9/0x2f0\n ? handle_irq_event+0x44/0x60\n irq_exit_rcu+0xdb/0x100\n common_interrupt+0x98/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x27/0x40\n RIP: 0010:pv_native_safe_halt+0xb/0x10\n Code: 09 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 22\n 0f 1f 84 00 00 00 00 00 90 eb 07 0f 00 2d 7f e9 36 00 fb\n40 00 83 ff 07 77 21 89 ff ff 24 fd 88 3d a1 bd 0f 21 f8\n RSP: 0018:ffffffffbe603de8 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000f92f46680\n RDX: 0000000000000037 RSI: 00000000ffffffff RDI: 00000000000518d4\n RBP: ffffffffbe603df0 R08: 000000cd42e4dffb R09: ffffffffbe603d70\n R10: 0000004d80d62680 R11: 0000000000000001 R12: ffffffffbe60bf40\n R13: 0000000000000000 R14: 0000000000000000 R15: ffffffffbe60aff8\n ? default_idle+0x9/0x20\n arch_cpu_idle+0x9/0x10\n default_idle_call+0x29/0xf0\n do_idle+0x1f2/0x240\n cpu_startup_entry+0x2c/0x30\n rest_init+0xe7/0x100\n start_kernel+0x76b/0xb90\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0xc0/0x110\n ? setup_ghcb+0xe/0x130\n common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n Modules linked in: esp4_offload esp4 xfrm_interface\nxfrm6_tunnel tunnel4 tunnel6 xfrm_user xfrm_algo binf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21720",
"url": "https://www.suse.com/security/cve/CVE-2025-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1238859 for CVE-2025-21720",
"url": "https://bugzilla.suse.com/1238859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21720"
},
{
"cve": "CVE-2025-21898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don\u0027t care about rec-\u003ecounter * rec-\u003ecounter overflow because\nrec-\u003etime * rec-\u003etime overflow will likely happen earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21898",
"url": "https://www.suse.com/security/cve/CVE-2025-21898"
},
{
"category": "external",
"summary": "SUSE Bug 1240610 for CVE-2025-21898",
"url": "https://bugzilla.suse.com/1240610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21898"
},
{
"cve": "CVE-2025-21899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo \u0027hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)\u0027 \u003e trigger\n bash: echo: write error: Invalid argument\n ~# echo \u0027hist:name=bad:keys=common_pid\u0027 \u003e trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops-\u003ereg(.., data, ..) [hist_register_trigger()] {\n data-\u003eops-\u003einit() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(\u0026data-\u003enamed_list, \u0026named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(\u0026data-\u003elist, \u0026file-\u003etriggers); \u003c\u003c\u003c---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops-\u003eunreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, \u0026file-\u003etriggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) \u003c- never matches\n continue;\n [..]\n test = iter;\n }\n if (test \u0026\u0026 test-\u003eops-\u003efree) \u003c\u003c\u003c-- test is NULL\n\n test-\u003eops-\u003efree(test) [event_hist_trigger_free()] {\n [..]\n if (data-\u003ename)\n del_named_trigger(data) {\n list_del(\u0026data-\u003enamed_list); \u003c\u003c\u003c\u003c-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); \u003c\u003c\u003c-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn\u0027t need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile-\u003etriggers to be properly populated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21899",
"url": "https://www.suse.com/security/cve/CVE-2025-21899"
},
{
"category": "external",
"summary": "SUSE Bug 1240577 for CVE-2025-21899",
"url": "https://bugzilla.suse.com/1240577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21899"
},
{
"cve": "CVE-2025-21920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvlan: enforce underlying device type\n\nCurrently, VLAN devices can be created on top of non-ethernet devices.\n\nBesides the fact that it doesn\u0027t make much sense, this also causes a\nbug which leaks the address of a kernel function to usermode.\n\nWhen creating a VLAN device, we initialize GARP (garp_init_applicant)\nand MRP (mrp_init_applicant) for the underlying device.\n\nAs part of the initialization process, we add the multicast address of\neach applicant to the underlying device, by calling dev_mc_add.\n\n__dev_mc_add uses dev-\u003eaddr_len to determine the length of the new\nmulticast address.\n\nThis causes an out-of-bounds read if dev-\u003eaddr_len is greater than 6,\nsince the multicast addresses provided by GARP and MRP are only 6\nbytes long.\n\nThis behaviour can be reproduced using the following commands:\n\nip tunnel add gretest mode ip6gre local ::1 remote ::2 dev lo\nip l set up dev gretest\nip link add link gretest name vlantest type vlan id 100\n\nThen, the following command will display the address of garp_pdu_rcv:\n\nip maddr show | grep 01:80:c2:00:00:21\n\nFix the bug by enforcing the type of the underlying device during VLAN\ndevice initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21920",
"url": "https://www.suse.com/security/cve/CVE-2025-21920"
},
{
"category": "external",
"summary": "SUSE Bug 1240686 for CVE-2025-21920",
"url": "https://bugzilla.suse.com/1240686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21920"
},
{
"cve": "CVE-2025-21959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()\n\nSince commit b36e4523d4d5 (\"netfilter: nf_conncount: fix garbage\ncollection confirm race\"), `cpu` and `jiffies32` were introduced to\nthe struct nf_conncount_tuple.\n\nThe commit made nf_conncount_add() initialize `conn-\u003ecpu` and\n`conn-\u003ejiffies32` when allocating the struct.\nIn contrast, count_tree() was not changed to initialize them.\n\nBy commit 34848d5c896e (\"netfilter: nf_conncount: Split insert and\ntraversal\"), count_tree() was split and the relevant allocation\ncode now resides in insert_tree().\nInitialize `conn-\u003ecpu` and `conn-\u003ejiffies32` in insert_tree().\n\nBUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline]\nBUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n find_or_evict net/netfilter/nf_conncount.c:117 [inline]\n __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n count_tree net/netfilter/nf_conncount.c:438 [inline]\n nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669\n __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline]\n __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983\n __netif_receive_skb_list net/core/dev.c:6035 [inline]\n netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126\n netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178\n xdp_recv_frames net/bpf/test_run.c:280 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316\n bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813\n __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]\n __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900\n ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4121 [inline]\n slab_alloc_node mm/slub.c:4164 [inline]\n kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171\n insert_tree net/netfilter/nf_conncount.c:372 [inline]\n count_tree net/netfilter/nf_conncount.c:450 [inline]\n nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ip\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21959",
"url": "https://www.suse.com/security/cve/CVE-2025-21959"
},
{
"category": "external",
"summary": "SUSE Bug 1240814 for CVE-2025-21959",
"url": "https://bugzilla.suse.com/1240814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-21959"
},
{
"cve": "CVE-2025-22035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n\u0027mdelay(10)\u0027 after \u0027mutex_unlock(\u0026trace_types_lock)\u0027 in s_start(),\nand executing the following script:\n\n $ echo function_graph \u003e current_tracer\n $ cat trace \u003e /dev/null \u0026\n $ sleep 5 # Ensure the \u0027cat\u0027 reaches the \u0027mdelay(10)\u0027 point\n $ echo timerlat \u003e current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through \u0027iter-\u003etrace-\u003eprint_line()\u0027;\n * Another through \u0027event-\u003efuncs-\u003etrace()\u0027, which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the \u0027function_graph\u0027 tracer to the\n\u0027timerlat\u0027 tracer, s_start only calls graph_trace_close of the\n\u0027function_graph\u0027 tracer to free \u0027iter-\u003eprivate\u0027, but does not set\nit to NULL. This provides an opportunity for \u0027event-\u003efuncs-\u003etrace()\u0027\nto use an invalid \u0027iter-\u003eprivate\u0027.\n\nTo fix this issue, set \u0027iter-\u003eprivate\u0027 to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n\u0027iter-\u003eprivate = NULL\u0027 during each \u0027cat trace\u0027 when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22035",
"url": "https://www.suse.com/security/cve/CVE-2025-22035"
},
{
"category": "external",
"summary": "SUSE Bug 1241544 for CVE-2025-22035",
"url": "https://bugzilla.suse.com/1241544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22035"
},
{
"cve": "CVE-2025-22083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -\u003e vhost_scsi_get_req -\u003e vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs-\u003evs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs-\u003evs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs-\u003evs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven\u0027t seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don\u0027t teardown the old target tpg mapping and just overwrite\nthe target name and the vs-\u003evs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2\u0027s\nname and we will only match that target\u0027s tpgs when we loop over the\nvs-\u003evs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it\u0027s already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22083",
"url": "https://www.suse.com/security/cve/CVE-2025-22083"
},
{
"category": "external",
"summary": "SUSE Bug 1241414 for CVE-2025-22083",
"url": "https://bugzilla.suse.com/1241414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22083"
},
{
"cve": "CVE-2025-22111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.\n\nSIOCBRDELIF is passed to dev_ioctl() first and later forwarded to\nbr_ioctl_call(), which causes unnecessary RTNL dance and the splat\nbelow [0] under RTNL pressure.\n\nLet\u0027s say Thread A is trying to detach a device from a bridge and\nThread B is trying to remove the bridge.\n\nIn dev_ioctl(), Thread A bumps the bridge device\u0027s refcnt by\nnetdev_hold() and releases RTNL because the following br_ioctl_call()\nalso re-acquires RTNL.\n\nIn the race window, Thread B could acquire RTNL and try to remove\nthe bridge device. Then, rtnl_unlock() by Thread B will release RTNL\nand wait for netdev_put() by Thread A.\n\nThread A, however, must hold RTNL after the unlock in dev_ifsioc(),\nwhich may take long under RTNL pressure, resulting in the splat by\nThread B.\n\n Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR)\n ---------------------- ----------------------\n sock_ioctl sock_ioctl\n `- sock_do_ioctl `- br_ioctl_call\n `- dev_ioctl `- br_ioctl_stub\n |- rtnl_lock |\n |- dev_ifsioc \u0027\n \u0027 |- dev = __dev_get_by_name(...)\n |- netdev_hold(dev, ...) .\n / |- rtnl_unlock ------. |\n | |- br_ioctl_call `---\u003e |- rtnl_lock\n Race | | `- br_ioctl_stub |- br_del_bridge\n Window | | | |- dev = __dev_get_by_name(...)\n | | | May take long | `- br_dev_delete(dev, ...)\n | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...)\n | | | | `- rtnl_unlock\n \\ | |- rtnl_lock \u003c-\u0027 `- netdev_run_todo\n | |- ... `- netdev_run_todo\n | `- rtnl_unlock |- __rtnl_unlock\n | |- netdev_wait_allrefs_any\n |- netdev_put(dev, ...) \u003c----------------\u0027\n Wait refcnt decrement\n and log splat below\n\nTo avoid blocking SIOCBRDELBR unnecessarily, let\u0027s not call\ndev_ioctl() for SIOCBRADDIF and SIOCBRDELIF.\n\nIn the dev_ioctl() path, we do the following:\n\n 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl()\n 2. Check CAP_NET_ADMIN in dev_ioctl()\n 3. Call dev_load() in dev_ioctl()\n 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc()\n\n3. can be done by request_module() in br_ioctl_call(), so we move\n1., 2., and 4. to br_ioctl_stub().\n\nNote that 2. is also checked later in add_del_if(), but it\u0027s better\nperformed before RTNL.\n\nSIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since\nthe pre-git era, and there seems to be no specific reason to process\nthem there.\n\n[0]:\nunregister_netdevice: waiting for wpan3 to become free. Usage count = 2\nref_tracker: wpan3@ffff8880662d8608 has 1/1 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline]\n netdev_hold include/linux/netdevice.h:4311 [inline]\n dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624\n dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826\n sock_do_ioctl+0x1ca/0x260 net/socket.c:1213\n sock_ioctl+0x23a/0x6c0 net/socket.c:1318\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22111",
"url": "https://www.suse.com/security/cve/CVE-2025-22111"
},
{
"category": "external",
"summary": "SUSE Bug 1241572 for CVE-2025-22111",
"url": "https://bugzilla.suse.com/1241572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22111"
},
{
"cve": "CVE-2025-22120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn\u0027t called to unlock\nmapping-\u003einvalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22120",
"url": "https://www.suse.com/security/cve/CVE-2025-22120"
},
{
"category": "external",
"summary": "SUSE Bug 1241592 for CVE-2025-22120",
"url": "https://bugzilla.suse.com/1241592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-22120"
},
{
"cve": "CVE-2025-37756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: explicitly disallow disconnect\n\nsyzbot discovered that it can disconnect a TLS socket and then\nrun into all sort of unexpected corner cases. I have a vague\nrecollection of Eric pointing this out to us a long time ago.\nSupporting disconnect is really hard, for one thing if offload\nis enabled we\u0027d need to wait for all packets to be _acked_.\nDisconnect is not commonly used, disallow it.\n\nThe immediate problem syzbot run into is the warning in the strp,\nbut that\u0027s just the easiest bug to trigger:\n\n WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n Call Trace:\n \u003cTASK\u003e\n tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363\n tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043\n inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678\n sock_recvmsg_nosec net/socket.c:1023 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1045\n __sys_recvfrom+0x202/0x380 net/socket.c:2237",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37756",
"url": "https://www.suse.com/security/cve/CVE-2025-37756"
},
{
"category": "external",
"summary": "SUSE Bug 1242515 for CVE-2025-37756",
"url": "https://bugzilla.suse.com/1242515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37756"
},
{
"cve": "CVE-2025-37757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix memory leak in tipc_link_xmit\n\nIn case the backlog transmit queue for system-importance messages is overloaded,\ntipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to\nmemory leak and failure when a skb is allocated.\n\nThis commit fixes this issue by purging the skb list before tipc_link_xmit()\nreturns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37757",
"url": "https://www.suse.com/security/cve/CVE-2025-37757"
},
{
"category": "external",
"summary": "SUSE Bug 1242521 for CVE-2025-37757",
"url": "https://bugzilla.suse.com/1242521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37757"
},
{
"cve": "CVE-2025-37786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: free routing table on probe failure\n\nIf complete = true in dsa_tree_setup(), it means that we are the last\nswitch of the tree which is successfully probing, and we should be\nsetting up all switches from our probe path.\n\nAfter \"complete\" becomes true, dsa_tree_setup_cpu_ports() or any\nsubsequent function may fail. If that happens, the entire tree setup is\nin limbo: the first N-1 switches have successfully finished probing\n(doing nothing but having allocated persistent memory in the tree\u0027s\ndst-\u003eports, and maybe dst-\u003ertable), and switch N failed to probe, ending\nthe tree setup process before anything is tangible from the user\u0027s PoV.\n\nIf switch N fails to probe, its memory (ports) will be freed and removed\nfrom dst-\u003eports. However, the dst-\u003ertable elements pointing to its ports,\nas created by dsa_link_touch(), will remain there, and will lead to\nuse-after-free if dereferenced.\n\nIf dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirely\npossible because that is where ds-\u003eops-\u003esetup() is, we get a kasan\nreport like this:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568\nRead of size 8 at addr ffff000004f56020 by task kworker/u8:3/42\n\nCall trace:\n __asan_report_load8_noabort+0x20/0x30\n mv88e6xxx_setup_upstream_port+0x240/0x568\n mv88e6xxx_setup+0xebc/0x1eb0\n dsa_register_switch+0x1af4/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nAllocated by task 42:\n __kasan_kmalloc+0x84/0xa0\n __kmalloc_cache_noprof+0x298/0x490\n dsa_switch_touch_ports+0x174/0x3d8\n dsa_register_switch+0x800/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nFreed by task 42:\n __kasan_slab_free+0x48/0x68\n kfree+0x138/0x418\n dsa_register_switch+0x2694/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nThe simplest way to fix the bug is to delete the routing table in its\nentirety. dsa_tree_setup_routing_table() has no problem in regenerating\nit even if we deleted links between ports other than those of switch N,\nbecause dsa_link_touch() first checks whether the port pair already\nexists in dst-\u003ertable, allocating if not.\n\nThe deletion of the routing table in its entirety already exists in\ndsa_tree_teardown(), so refactor that into a function that can also be\ncalled from the tree setup error path.\n\nIn my analysis of the commit to blame, it is the one which added\ndsa_link elements to dst-\u003ertable. Prior to that, each switch had its own\nds-\u003ertable which is freed when the switch fails to probe. But the tree\nis potentially persistent memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37786",
"url": "https://www.suse.com/security/cve/CVE-2025-37786"
},
{
"category": "external",
"summary": "SUSE Bug 1242725 for CVE-2025-37786",
"url": "https://bugzilla.suse.com/1242725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37786"
},
{
"cve": "CVE-2025-37811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: fix usbmisc handling\n\nusbmisc is an optional device property so it is totally valid for the\ncorresponding data-\u003eusbmisc_data to have a NULL value.\n\nCheck that before dereferencing the pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37811",
"url": "https://www.suse.com/security/cve/CVE-2025-37811"
},
{
"category": "external",
"summary": "SUSE Bug 1242907 for CVE-2025-37811",
"url": "https://bugzilla.suse.com/1242907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37811"
},
{
"cve": "CVE-2025-37859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: avoid infinite loop to schedule delayed worker\n\nWe noticed the kworker in page_pool_release_retry() was waken\nup repeatedly and infinitely in production because of the\nbuggy driver causing the inflight less than 0 and warning\nus in page_pool_inflight()[1].\n\nSince the inflight value goes negative, it means we should\nnot expect the whole page_pool to get back to work normally.\n\nThis patch mitigates the adverse effect by not rescheduling\nthe kworker when detecting the inflight negative in\npage_pool_release_retry().\n\n[1]\n[Mon Feb 10 20:36:11 2025] ------------[ cut here ]------------\n[Mon Feb 10 20:36:11 2025] Negative(-51446) inflight packet-pages\n...\n[Mon Feb 10 20:36:11 2025] Call Trace:\n[Mon Feb 10 20:36:11 2025] page_pool_release_retry+0x23/0x70\n[Mon Feb 10 20:36:11 2025] process_one_work+0x1b1/0x370\n[Mon Feb 10 20:36:11 2025] worker_thread+0x37/0x3a0\n[Mon Feb 10 20:36:11 2025] kthread+0x11a/0x140\n[Mon Feb 10 20:36:11 2025] ? process_one_work+0x370/0x370\n[Mon Feb 10 20:36:11 2025] ? __kthread_cancel_work+0x40/0x40\n[Mon Feb 10 20:36:11 2025] ret_from_fork+0x35/0x40\n[Mon Feb 10 20:36:11 2025] ---[ end trace ebffe800f33e7e34 ]---\nNote: before this patch, the above calltrace would flood the\ndmesg due to repeated reschedule of release_dw kworker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37859",
"url": "https://www.suse.com/security/cve/CVE-2025-37859"
},
{
"category": "external",
"summary": "SUSE Bug 1243051 for CVE-2025-37859",
"url": "https://bugzilla.suse.com/1243051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37859"
},
{
"cve": "CVE-2025-37884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(\u0026event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(\u0026event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37884",
"url": "https://www.suse.com/security/cve/CVE-2025-37884"
},
{
"category": "external",
"summary": "SUSE Bug 1243060 for CVE-2025-37884",
"url": "https://bugzilla.suse.com/1243060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37884"
},
{
"cve": "CVE-2025-37909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37909",
"url": "https://www.suse.com/security/cve/CVE-2025-37909"
},
{
"category": "external",
"summary": "SUSE Bug 1243467 for CVE-2025-37909",
"url": "https://bugzilla.suse.com/1243467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37909"
},
{
"cve": "CVE-2025-37921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: vnifilter: Fix unlocked deletion of default FDB entry\n\nWhen a VNI is deleted from a VXLAN device in \u0027vnifilter\u0027 mode, the FDB\nentry associated with the default remote (assuming one was configured)\nis deleted without holding the hash lock. This is wrong and will result\nin a warning [1] being generated by the lockdep annotation that was\nadded by commit ebe642067455 (\"vxlan: Create wrappers for FDB lookup\").\n\nReproducer:\n\n # ip link add vx0 up type vxlan dstport 4789 external vnifilter local 192.0.2.1\n # bridge vni add vni 10010 remote 198.51.100.1 dev vx0\n # bridge vni del vni 10010 dev vx0\n\nFix by acquiring the hash lock before the deletion and releasing it\nafterwards. Blame the original commit that introduced the issue rather\nthan the one that exposed it.\n\n[1]\nWARNING: CPU: 3 PID: 392 at drivers/net/vxlan/vxlan_core.c:417 vxlan_find_mac+0x17f/0x1a0\n[...]\nRIP: 0010:vxlan_find_mac+0x17f/0x1a0\n[...]\nCall Trace:\n \u003cTASK\u003e\n __vxlan_fdb_delete+0xbe/0x560\n vxlan_vni_delete_group+0x2ba/0x940\n vxlan_vni_del.isra.0+0x15f/0x580\n vxlan_process_vni_filter+0x38b/0x7b0\n vxlan_vnifilter_process+0x3bb/0x510\n rtnetlink_rcv_msg+0x2f7/0xb70\n netlink_rcv_skb+0x131/0x360\n netlink_unicast+0x426/0x710\n netlink_sendmsg+0x75a/0xc20\n __sock_sendmsg+0xc1/0x150\n ____sys_sendmsg+0x5aa/0x7b0\n ___sys_sendmsg+0xfc/0x180\n __sys_sendmsg+0x121/0x1b0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37921",
"url": "https://www.suse.com/security/cve/CVE-2025-37921"
},
{
"category": "external",
"summary": "SUSE Bug 1243480 for CVE-2025-37921",
"url": "https://bugzilla.suse.com/1243480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37921"
},
{
"cve": "CVE-2025-37923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(\u0026iter-\u003eseq) and PAGE_SIZE as an argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37923",
"url": "https://www.suse.com/security/cve/CVE-2025-37923"
},
{
"category": "external",
"summary": "SUSE Bug 1243551 for CVE-2025-37923",
"url": "https://bugzilla.suse.com/1243551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37923"
},
{
"cve": "CVE-2025-37927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn\u0027t\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37927",
"url": "https://www.suse.com/security/cve/CVE-2025-37927"
},
{
"category": "external",
"summary": "SUSE Bug 1243620 for CVE-2025-37927",
"url": "https://bugzilla.suse.com/1243620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37927"
},
{
"cve": "CVE-2025-37938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Verify event formats that have \"%*p..\"\n\nThe trace event verifier checks the formats of trace events to make sure\nthat they do not point at memory that is not in the trace event itself or\nin data that will never be freed. If an event references data that was\nallocated when the event triggered and that same data is freed before the\nevent is read, then the kernel can crash by reading freed memory.\n\nThe verifier runs at boot up (or module load) and scans the print formats\nof the events and checks their arguments to make sure that dereferenced\npointers are safe. If the format uses \"%*p..\" the verifier will ignore it,\nand that could be dangerous. Cover this case as well.\n\nAlso add to the sample code a use case of \"%*pbl\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37938",
"url": "https://www.suse.com/security/cve/CVE-2025-37938"
},
{
"category": "external",
"summary": "SUSE Bug 1243544 for CVE-2025-37938",
"url": "https://bugzilla.suse.com/1243544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37938"
},
{
"cve": "CVE-2025-37945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37945",
"url": "https://www.suse.com/security/cve/CVE-2025-37945"
},
{
"category": "external",
"summary": "SUSE Bug 1243538 for CVE-2025-37945",
"url": "https://bugzilla.suse.com/1243538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs\n\nWith commit bcb5d6c76903 (\"s390/pci: introduce lock to synchronize state\nof zpci_dev\u0027s\") the code to ignore power off of a PF that has child VFs\nwas changed from a direct return to a goto to the unlock and\npci_dev_put() section. The change however left the existing pci_dev_put()\nuntouched resulting in a doubple put. This can subsequently cause a use\nafter free if the struct pci_dev is released in an unexpected state.\nFix this by removing the extra pci_dev_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37946",
"url": "https://www.suse.com/security/cve/CVE-2025-37946"
},
{
"category": "external",
"summary": "SUSE Bug 1243506 for CVE-2025-37946",
"url": "https://bugzilla.suse.com/1243506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37946"
},
{
"cve": "CVE-2025-37961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix uninit-value for saddr in do_output_route4\n\nsyzbot reports for uninit-value for the saddr argument [1].\ncommit 4754957f04f5 (\"ipvs: do not use random local source address for\ntunnels\") already implies that the input value of saddr\nshould be ignored but the code is still reading it which can prevent\nto connect the route. Fix it by changing the argument to ret_saddr.\n\n[1]\nBUG: KMSAN: uninit-value in do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n __ip_vs_get_out_rt+0x403/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:330\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4167 [inline]\n slab_alloc_node mm/slub.c:4210 [inline]\n __kmalloc_cache_noprof+0x8fa/0xe00 mm/slub.c:4367\n kmalloc_noprof include/linux/slab.h:905 [inline]\n ip_vs_dest_dst_alloc net/netfilter/ipvs/ip_vs_xmit.c:61 [inline]\n __ip_vs_get_out_rt+0x35d/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:323\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nCPU: 0 UID: 0 PID: 22408 Comm: syz.4.5165 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(undef)\nHardware name: Google Google Compute Engi\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37961",
"url": "https://www.suse.com/security/cve/CVE-2025-37961"
},
{
"category": "external",
"summary": "SUSE Bug 1243523 for CVE-2025-37961",
"url": "https://bugzilla.suse.com/1243523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37961"
},
{
"cve": "CVE-2025-37973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation\n\nCurrently during the multi-link element defragmentation process, the\nmulti-link element length added to the total IEs length when calculating\nthe length of remaining IEs after the multi-link element in\ncfg80211_defrag_mle(). This could lead to out-of-bounds access if the\nmulti-link element or its corresponding fragment elements are the last\nelements in the IEs buffer.\n\nTo address this issue, correctly calculate the remaining IEs length by\ndeducting the multi-link element end offset from total IEs end offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37973",
"url": "https://www.suse.com/security/cve/CVE-2025-37973"
},
{
"category": "external",
"summary": "SUSE Bug 1244172 for CVE-2025-37973",
"url": "https://bugzilla.suse.com/1244172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37973"
},
{
"cve": "CVE-2025-37992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Flush gso_skb list too during -\u003echange()\n\nPreviously, when reducing a qdisc\u0027s limit via the -\u003echange() operation, only\nthe main skb queue was trimmed, potentially leaving packets in the gso_skb\nlist. This could result in NULL pointer dereference when we only check\nsch-\u003elimit against sch-\u003eq.qlen.\n\nThis patch introduces a new helper, qdisc_dequeue_internal(), which ensures\nboth the gso_skb list and the main queue are properly flushed when trimming\nexcess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie)\nare updated to use this helper in their -\u003echange() routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37992",
"url": "https://www.suse.com/security/cve/CVE-2025-37992"
},
{
"category": "external",
"summary": "SUSE Bug 1243698 for CVE-2025-37992",
"url": "https://bugzilla.suse.com/1243698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37992"
},
{
"cve": "CVE-2025-37994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37994",
"url": "https://www.suse.com/security/cve/CVE-2025-37994"
},
{
"category": "external",
"summary": "SUSE Bug 1243823 for CVE-2025-37994",
"url": "https://bugzilla.suse.com/1243823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37994"
},
{
"cve": "CVE-2025-37995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn \u0027lookup_or_create_module_kobject()\u0027, an internal kobject is created\nusing \u0027module_ktype\u0027. So call to \u0027kobject_put()\u0027 on error handling\npath causes an attempt to use an uninitialized completion pointer in\n\u0027module_kobject_release()\u0027. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether \u0027complete()\u0027 is\nactually required makes \u0027kobject_put()\u0027 safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37995",
"url": "https://www.suse.com/security/cve/CVE-2025-37995"
},
{
"category": "external",
"summary": "SUSE Bug 1243827 for CVE-2025-37995",
"url": "https://bugzilla.suse.com/1243827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37995"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add missing rcu read protection for procfs content\n\nWhen the procfs content is generated for a bcm_op which is in the process\nto be removed the procfs output might show unreliable data (UAF).\n\nAs the removal of bcm_op\u0027s is already implemented with rcu handling this\npatch adds the missing rcu_read_lock() and makes sure the list entries\nare properly removed under rcu protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38003",
"url": "https://www.suse.com/security/cve/CVE-2025-38003"
},
{
"category": "external",
"summary": "SUSE Bug 1244275 for CVE-2025-38003",
"url": "https://bugzilla.suse.com/1244275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38003"
},
{
"cve": "CVE-2025-38004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add locking for bcm_op runtime updates\n\nThe CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via\nhrtimer. The content and also the length of the sequence can be changed\nresp reduced at runtime where the \u0027currframe\u0027 counter is then set to zero.\n\nAlthough this appeared to be a safe operation the updates of \u0027currframe\u0027\ncan be triggered from user space and hrtimer context in bcm_can_tx().\nAnderson Nascimento created a proof of concept that triggered a KASAN\nslab-out-of-bounds read access which can be prevented with a spin_lock_bh.\n\nAt the rework of bcm_can_tx() the \u0027count\u0027 variable has been moved into\nthe protected section as this variable can be modified from both contexts\ntoo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38004",
"url": "https://www.suse.com/security/cve/CVE-2025-38004"
},
{
"category": "external",
"summary": "SUSE Bug 1244274 for CVE-2025-38004",
"url": "https://bugzilla.suse.com/1244274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38004"
},
{
"cve": "CVE-2025-38005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma: Add missing locking\n\nRecent kernels complain about a missing lock in k3-udma.c when the lock\nvalidator is enabled:\n\n[ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169 udma_start.isra.0+0x34/0x238\n[ 4.137352] CPU: 0 UID: 0 PID: 746 Comm: kworker/0:3 Not tainted 6.12.9-arm64 #28\n[ 4.144867] Hardware name: pp-v12 (DT)\n[ 4.148648] Workqueue: events udma_check_tx_completion\n[ 4.153841] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.160834] pc : udma_start.isra.0+0x34/0x238\n[ 4.165227] lr : udma_start.isra.0+0x30/0x238\n[ 4.169618] sp : ffffffc083cabcf0\n[ 4.172963] x29: ffffffc083cabcf0 x28: 0000000000000000 x27: ffffff800001b005\n[ 4.180167] x26: ffffffc0812f0000 x25: 0000000000000000 x24: 0000000000000000\n[ 4.187370] x23: 0000000000000001 x22: 00000000e21eabe9 x21: ffffff8000fa0670\n[ 4.194571] x20: ffffff8001b6bf00 x19: ffffff8000fa0430 x18: ffffffc083b95030\n[ 4.201773] x17: 0000000000000000 x16: 00000000f0000000 x15: 0000000000000048\n[ 4.208976] x14: 0000000000000048 x13: 0000000000000000 x12: 0000000000000001\n[ 4.216179] x11: ffffffc08151a240 x10: 0000000000003ea1 x9 : ffffffc08046ab68\n[ 4.223381] x8 : ffffffc083cabac0 x7 : ffffffc081df3718 x6 : 0000000000029fc8\n[ 4.230583] x5 : ffffffc0817ee6d8 x4 : 0000000000000bc0 x3 : 0000000000000000\n[ 4.237784] x2 : 0000000000000000 x1 : 00000000001fffff x0 : 0000000000000000\n[ 4.244986] Call trace:\n[ 4.247463] udma_start.isra.0+0x34/0x238\n[ 4.251509] udma_check_tx_completion+0xd0/0xdc\n[ 4.256076] process_one_work+0x244/0x3fc\n[ 4.260129] process_scheduled_works+0x6c/0x74\n[ 4.264610] worker_thread+0x150/0x1dc\n[ 4.268398] kthread+0xd8/0xe8\n[ 4.271492] ret_from_fork+0x10/0x20\n[ 4.275107] irq event stamp: 220\n[ 4.278363] hardirqs last enabled at (219): [\u003cffffffc080a27c7c\u003e] _raw_spin_unlock_irq+0x38/0x50\n[ 4.287183] hardirqs last disabled at (220): [\u003cffffffc080a1c154\u003e] el1_dbg+0x24/0x50\n[ 4.294879] softirqs last enabled at (182): [\u003cffffffc080037e68\u003e] handle_softirqs+0x1c0/0x3cc\n[ 4.303437] softirqs last disabled at (177): [\u003cffffffc080010170\u003e] __do_softirq+0x1c/0x28\n[ 4.311559] ---[ end trace 0000000000000000 ]---\n\nThis commit adds the missing locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38005",
"url": "https://www.suse.com/security/cve/CVE-2025-38005"
},
{
"category": "external",
"summary": "SUSE Bug 1244727 for CVE-2025-38005",
"url": "https://bugzilla.suse.com/1244727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38005"
},
{
"cve": "CVE-2025-38007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Add NULL check in uclogic_input_configured()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nuclogic_input_configured() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38007",
"url": "https://www.suse.com/security/cve/CVE-2025-38007"
},
{
"category": "external",
"summary": "SUSE Bug 1244938 for CVE-2025-38007",
"url": "https://bugzilla.suse.com/1244938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38007"
},
{
"cve": "CVE-2025-38009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: disable napi on driver removal\n\nA warning on driver removal started occurring after commit 9dd05df8403b\n(\"net: warn if NAPI instance wasn\u0027t shut down\"). Disable tx napi before\ndeleting it in mt76_dma_cleanup().\n\n WARNING: CPU: 4 PID: 18828 at net/core/dev.c:7288 __netif_napi_del_locked+0xf0/0x100\n CPU: 4 UID: 0 PID: 18828 Comm: modprobe Not tainted 6.15.0-rc4 #4 PREEMPT(lazy)\n Hardware name: ASUS System Product Name/PRIME X670E-PRO WIFI, BIOS 3035 09/05/2024\n RIP: 0010:__netif_napi_del_locked+0xf0/0x100\n Call Trace:\n \u003cTASK\u003e\n mt76_dma_cleanup+0x54/0x2f0 [mt76]\n mt7921_pci_remove+0xd5/0x190 [mt7921e]\n pci_device_remove+0x47/0xc0\n device_release_driver_internal+0x19e/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x6d/0xf0\n pci_unregister_driver+0x2e/0xb0\n __do_sys_delete_module.isra.0+0x197/0x2e0\n do_syscall_64+0x7b/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTested with mt7921e but the same pattern can be actually applied to other\nmt76 drivers calling mt76_dma_cleanup() during removal. Tx napi is enabled\nin their *_dma_init() functions and only toggled off and on again inside\ntheir suspend/resume/reset paths. So it should be okay to disable tx\nnapi in such a generic way.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38009",
"url": "https://www.suse.com/security/cve/CVE-2025-38009"
},
{
"category": "external",
"summary": "SUSE Bug 1244995 for CVE-2025-38009",
"url": "https://bugzilla.suse.com/1244995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "low"
}
],
"title": "CVE-2025-38009"
},
{
"cve": "CVE-2025-38010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Use a bitmask for UTMI pad power state tracking\n\nThe current implementation uses bias_pad_enable as a reference count to\nmanage the shared bias pad for all UTMI PHYs. However, during system\nsuspension with connected USB devices, multiple power-down requests for\nthe UTMI pad result in a mismatch in the reference count, which in turn\nproduces warnings such as:\n\n[ 237.762967] WARNING: CPU: 10 PID: 1618 at tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763103] Call trace:\n[ 237.763104] tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763107] tegra186_utmi_phy_power_off+0x10/0x30\n[ 237.763110] phy_power_off+0x48/0x100\n[ 237.763113] tegra_xusb_enter_elpg+0x204/0x500\n[ 237.763119] tegra_xusb_suspend+0x48/0x140\n[ 237.763122] platform_pm_suspend+0x2c/0xb0\n[ 237.763125] dpm_run_callback.isra.0+0x20/0xa0\n[ 237.763127] __device_suspend+0x118/0x330\n[ 237.763129] dpm_suspend+0x10c/0x1f0\n[ 237.763130] dpm_suspend_start+0x88/0xb0\n[ 237.763132] suspend_devices_and_enter+0x120/0x500\n[ 237.763135] pm_suspend+0x1ec/0x270\n\nThe root cause was traced back to the dynamic power-down changes\nintroduced in commit a30951d31b25 (\"xhci: tegra: USB2 pad power controls\"),\nwhere the UTMI pad was being powered down without verifying its current\nstate. This unbalanced behavior led to discrepancies in the reference\ncount.\n\nTo rectify this issue, this patch replaces the single reference counter\nwith a bitmask, renamed to utmi_pad_enabled. Each bit in the mask\ncorresponds to one of the four USB2 PHYs, allowing us to track each pad\u0027s\nenablement status individually.\n\nWith this change:\n - The bias pad is powered on only when the mask is clear.\n - Each UTMI pad is powered on or down based on its corresponding bit\n in the mask, preventing redundant operations.\n - The overall power state of the shared bias pad is maintained\n correctly during suspend/resume cycles.\n\nThe mutex used to prevent race conditions during UTMI pad enable/disable\noperations has been moved from the tegra186_utmi_bias_pad_power_on/off\nfunctions to the parent functions tegra186_utmi_pad_power_on/down. This\nchange ensures that there are no race conditions when updating the bitmask.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38010",
"url": "https://www.suse.com/security/cve/CVE-2025-38010"
},
{
"category": "external",
"summary": "SUSE Bug 1244996 for CVE-2025-38010",
"url": "https://bugzilla.suse.com/1244996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "low"
}
],
"title": "CVE-2025-38010"
},
{
"cve": "CVE-2025-38011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n \u003cTASK\u003e\n drm_file_free.part.0+0x1da/0x230 [drm]\n drm_close_helper.isra.0+0x65/0x70 [drm]\n drm_release+0x6a/0x120 [drm]\n amdgpu_drm_release+0x51/0x60 [amdgpu]\n __fput+0x9f/0x280\n ____fput+0xe/0x20\n task_work_run+0x67/0xa0\n do_exit+0x217/0x3c0\n do_group_exit+0x3b/0xb0\n get_signal+0x14a/0x8d0\n arch_do_signal_or_restart+0xde/0x100\n exit_to_user_mode_loop+0xc1/0x1a0\n exit_to_user_mode_prepare+0xf4/0x100\n syscall_exit_to_user_mode+0x17/0x40\n do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38011",
"url": "https://www.suse.com/security/cve/CVE-2025-38011"
},
{
"category": "external",
"summary": "SUSE Bug 1244729 for CVE-2025-38011",
"url": "https://bugzilla.suse.com/1244729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38011"
},
{
"cve": "CVE-2025-38013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request\n\nMake sure that n_channels is set after allocating the\nstruct cfg80211_registered_device::int_scan_req member. Seen with\nsyzkaller:\n\nUBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5\nindex 0 is out of range for type \u0027struct ieee80211_channel *[] __counted_by(n_channels)\u0027 (aka \u0027struct ieee80211_channel *[]\u0027)\n\nThis was missed in the initial conversions because I failed to locate\nthe allocation likely due to the \"sizeof(void *)\" not matching the\n\"channels\" array type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38013",
"url": "https://www.suse.com/security/cve/CVE-2025-38013"
},
{
"category": "external",
"summary": "SUSE Bug 1244731 for CVE-2025-38013",
"url": "https://bugzilla.suse.com/1244731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38013"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix memory leak in error handling path of idxd_alloc\n\nMemory allocated for idxd is not freed if an error occurs during\nidxd_alloc(). To fix it, free the allocated memory in the reverse order\nof allocation before exiting the function in case of an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38015",
"url": "https://www.suse.com/security/cve/CVE-2025-38015"
},
{
"category": "external",
"summary": "SUSE Bug 1244789 for CVE-2025-38015",
"url": "https://bugzilla.suse.com/1244789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38015"
},
{
"cve": "CVE-2025-38018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix kernel panic when alloc_page failed\n\nWe cannot set frag_list to NULL pointer when alloc_page failed.\nIt will be used in tls_strp_check_queue_ok when the next time\ntls_strp_read_sock is called.\n\nThis is because we don\u0027t reset full_len in tls_strp_flush_anchor_copy()\nso the recv path will try to continue handling the partial record\non the next call but we dettached the rcvq from the frag list.\nAlternative fix would be to reset full_len.\n\nUnable to handle kernel NULL pointer dereference\nat virtual address 0000000000000028\n Call trace:\n tls_strp_check_rcv+0x128/0x27c\n tls_strp_data_ready+0x34/0x44\n tls_data_ready+0x3c/0x1f0\n tcp_data_ready+0x9c/0xe4\n tcp_data_queue+0xf6c/0x12d0\n tcp_rcv_established+0x52c/0x798",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38018",
"url": "https://www.suse.com/security/cve/CVE-2025-38018"
},
{
"category": "external",
"summary": "SUSE Bug 1244999 for CVE-2025-38018",
"url": "https://bugzilla.suse.com/1244999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38018"
},
{
"cve": "CVE-2025-38020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Disable MACsec offload for uplink representor profile\n\nMACsec offload is not supported in switchdev mode for uplink\nrepresentors. When switching to the uplink representor profile, the\nMACsec offload feature must be cleared from the netdevice\u0027s features.\n\nIf left enabled, attempts to add offloads result in a null pointer\ndereference, as the uplink representor does not support MACsec offload\neven though the feature bit remains set.\n\nClear NETIF_F_HW_MACSEC in mlx5e_fix_uplink_rep_features().\n\nKernel log:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 29 UID: 0 PID: 4714 Comm: ip Not tainted 6.14.0-rc4_for_upstream_debug_2025_03_02_17_35 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__mutex_lock+0x128/0x1dd0\nCode: d0 7c 08 84 d2 0f 85 ad 15 00 00 8b 35 91 5c fe 03 85 f6 75 29 49 8d 7e 60 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 a6 15 00 00 4d 3b 76 60 0f 85 fd 0b 00 00 65 ff\nRSP: 0018:ffff888147a4f160 EFLAGS: 00010206\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001\nRDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000078\nRBP: ffff888147a4f2e0 R08: ffffffffa05d2c19 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000018 R15: ffff888152de0000\nFS: 00007f855e27d800(0000) GS:ffff88881ee80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000004e5768 CR3: 000000013ae7c005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? __mutex_lock+0x128/0x1dd0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mutex_lock_io_nested+0x1ae0/0x1ae0\n ? lock_acquire+0x1c2/0x530\n ? macsec_upd_offload+0x145/0x380\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n ? __kasan_kmalloc+0x77/0x90\n ? __kmalloc_noprof+0x249/0x6b0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0xb5/0x240\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mlx5e_macsec_add_rxsa+0x11a0/0x11a0 [mlx5_core]\n macsec_update_offload+0x26c/0x820\n ? macsec_set_mac_address+0x4b0/0x4b0\n ? lockdep_hardirqs_on_prepare+0x284/0x400\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n macsec_upd_offload+0x2c8/0x380\n ? macsec_update_offload+0x820/0x820\n ? __nla_parse+0x22/0x30\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x15e/0x240\n genl_family_rcv_msg_doit+0x1cc/0x2a0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x240/0x240\n ? cap_capable+0xd4/0x330\n genl_rcv_msg+0x3ea/0x670\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? macsec_update_offload+0x820/0x820\n netlink_rcv_skb+0x12b/0x390\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? netlink_ack+0xd80/0xd80\n ? rwsem_down_read_slowpath+0xf90/0xf90\n ? netlink_deliver_tap+0xcd/0xac0\n ? netlink_deliver_tap+0x155/0xac0\n ? _copy_from_iter+0x1bb/0x12c0\n genl_rcv+0x24/0x40\n netlink_unicast+0x440/0x700\n ? netlink_attachskb+0x760/0x760\n ? lock_acquire+0x1c2/0x530\n ? __might_fault+0xbb/0x170\n netlink_sendmsg+0x749/0xc10\n ? netlink_unicast+0x700/0x700\n ? __might_fault+0xbb/0x170\n ? netlink_unicast+0x700/0x700\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x53f/0x760\n ? import_iovec+0x7/0x10\n ? kernel_sendmsg+0x30/0x30\n ? __copy_msghdr+0x3c0/0x3c0\n ? filter_irq_stacks+0x90/0x90\n ? stack_depot_save_flags+0x28/0xa30\n ___sys_sen\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38020",
"url": "https://www.suse.com/security/cve/CVE-2025-38020"
},
{
"category": "external",
"summary": "SUSE Bug 1245001 for CVE-2025-38020",
"url": "https://bugzilla.suse.com/1245001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38020"
},
{
"cve": "CVE-2025-38022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem\n\nCall Trace:\n\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n strlen+0x93/0xa0 lib/string.c:420\n __fortify_strlen include/linux/fortify-string.h:268 [inline]\n get_kobj_path_length lib/kobject.c:118 [inline]\n kobject_get_path+0x3f/0x2a0 lib/kobject.c:158\n kobject_uevent_env+0x289/0x1870 lib/kobject_uevent.c:545\n ib_register_device drivers/infiniband/core/device.c:1472 [inline]\n ib_register_device+0x8cf/0xe00 drivers/infiniband/core/device.c:1393\n rxe_register_device+0x275/0x320 drivers/infiniband/sw/rxe/rxe_verbs.c:1552\n rxe_net_add+0x8e/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:225\n nldev_newlink+0x3a3/0x680 drivers/infiniband/core/nldev.c:1796\n rdma_nl_rcv_msg+0x387/0x6e0 drivers/infiniband/core/netlink.c:195\n rdma_nl_rcv_skb.constprop.0.isra.0+0x2e5/0x450\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x53a/0x7f0 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8d1/0xdd0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n ____sys_sendmsg+0xa95/0xc70 net/socket.c:2566\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2620\n __sys_sendmsg+0x16d/0x220 net/socket.c:2652\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThis problem is similar to the problem that the\ncommit 1d6a9e7449e2 (\"RDMA/core: Fix use-after-free when rename device name\")\nfixes.\n\nThe root cause is: the function ib_device_rename() renames the name with\nlock. But in the function kobject_uevent(), this name is accessed without\nlock protection at the same time.\n\nThe solution is to add the lock protection when this name is accessed in\nthe function kobject_uevent().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38022",
"url": "https://www.suse.com/security/cve/CVE-2025-38022"
},
{
"category": "external",
"summary": "SUSE Bug 1245003 for CVE-2025-38022",
"url": "https://bugzilla.suse.com/1245003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38022"
},
{
"cve": "CVE-2025-38023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: handle failure of nfs_get_lock_context in unlock path\n\nWhen memory is insufficient, the allocation of nfs_lock_context in\nnfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat\nan nfs4_unlockdata structure (whose l_ctx member has been set to -ENOMEM)\nas valid and proceed to execute rpc_run_task(), this will trigger a NULL\npointer dereference in nfs4_locku_prepare. For example:\n\nBUG: kernel NULL pointer dereference, address: 000000000000000c\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 15 UID: 0 PID: 12 Comm: kworker/u64:0 Not tainted 6.15.0-rc2-dirty #60\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40\nWorkqueue: rpciod rpc_async_schedule\nRIP: 0010:nfs4_locku_prepare+0x35/0xc2\nCode: 89 f2 48 89 fd 48 c7 c7 68 69 ef b5 53 48 8b 8e 90 00 00 00 48 89 f3\nRSP: 0018:ffffbbafc006bdb8 EFLAGS: 00010246\nRAX: 000000000000004b RBX: ffff9b964fc1fa00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: fffffffffffffff4 RDI: ffff9ba53fddbf40\nRBP: ffff9ba539934000 R08: 0000000000000000 R09: ffffbbafc006bc38\nR10: ffffffffb6b689c8 R11: 0000000000000003 R12: ffff9ba539934030\nR13: 0000000000000001 R14: 0000000004248060 R15: ffffffffb56d1c30\nFS: 0000000000000000(0000) GS:ffff9ba5881f0000(0000) knlGS:00000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000000c CR3: 000000093f244000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __rpc_execute+0xbc/0x480\n rpc_async_schedule+0x2f/0x40\n process_one_work+0x232/0x5d0\n worker_thread+0x1da/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x240\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in:\nCR2: 000000000000000c\n---[ end trace 0000000000000000 ]---\n\nFree the allocated nfs4_unlockdata when nfs_get_lock_context() fails and\nreturn NULL to terminate subsequent rpc_run_task, preventing NULL pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38023",
"url": "https://www.suse.com/security/cve/CVE-2025-38023"
},
{
"category": "external",
"summary": "SUSE Bug 1245004 for CVE-2025-38023",
"url": "https://bugzilla.suse.com/1245004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38023"
},
{
"cve": "CVE-2025-38024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcf/0x610 mm/kasan/report.c:489\n kasan_report+0xb5/0xe0 mm/kasan/report.c:602\n rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195\n rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132\n __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232\n rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109\n create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052\n ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095\n ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679\n vfs_write fs/read_write.c:677 [inline]\n vfs_write+0x26a/0xcc0 fs/read_write.c:659\n ksys_write+0x1b8/0x200 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nIn the function rxe_create_cq, when rxe_cq_from_init fails, the function\nrxe_cleanup will be called to handle the allocated resources. In fact,\nsome memory resources have already been freed in the function\nrxe_cq_from_init. Thus, this problem will occur.\n\nThe solution is to let rxe_cleanup do all the work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38024",
"url": "https://www.suse.com/security/cve/CVE-2025-38024"
},
{
"category": "external",
"summary": "SUSE Bug 1245025 for CVE-2025-38024",
"url": "https://bugzilla.suse.com/1245025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38024"
},
{
"cve": "CVE-2025-38027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: max20086: fix invalid memory access\n\nmax20086_parse_regulators_dt() calls of_regulator_match() using an\narray of struct of_regulator_match allocated on the stack for the\nmatches argument.\n\nof_regulator_match() calls devm_of_regulator_put_matches(), which calls\ndevres_alloc() to allocate a struct devm_of_regulator_matches which will\nbe de-allocated using devm_of_regulator_put_matches().\n\nstruct devm_of_regulator_matches is populated with the stack allocated\nmatches array.\n\nIf the device fails to probe, devm_of_regulator_put_matches() will be\ncalled and will try to call of_node_put() on that stack pointer,\ngenerating the following dmesg entries:\n\nmax20086 6-0028: Failed to read DEVICE_ID reg: -121\nkobject: \u0027\\xc0$\\xa5\\x03\u0027 (000000002cebcb7a): is not initialized, yet\nkobject_put() is being called.\n\nFollowed by a stack trace matching the call flow described above.\n\nSwitch to allocating the matches array using devm_kcalloc() to\navoid accessing the stack pointer long after it\u0027s out of scope.\n\nThis also has the advantage of allowing multiple max20086 to probe\nwithout overriding the data stored inside the global of_regulator_match.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38027",
"url": "https://www.suse.com/security/cve/CVE-2025-38027"
},
{
"category": "external",
"summary": "SUSE Bug 1245042 for CVE-2025-38027",
"url": "https://bugzilla.suse.com/1245042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38027"
},
{
"cve": "CVE-2025-38031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: do not leak refcount in reorder_work\n\nA recent patch that addressed a UAF introduced a reference count leak:\nthe parallel_data refcount is incremented unconditionally, regardless\nof the return value of queue_work(). If the work item is already queued,\nthe incremented refcount is never decremented.\n\nFix this by checking the return value of queue_work() and decrementing\nthe refcount when necessary.\n\nResolves:\n\nUnreferenced object 0xffff9d9f421e3d80 (size 192):\n comm \"cryptomgr_probe\", pid 157, jiffies 4294694003\n hex dump (first 32 bytes):\n 80 8b cf 41 9f 9d ff ff b8 97 e0 89 ff ff ff ff ...A............\n d0 97 e0 89 ff ff ff ff 19 00 00 00 1f 88 23 00 ..............#.\n backtrace (crc 838fb36):\n __kmalloc_cache_noprof+0x284/0x320\n padata_alloc_pd+0x20/0x1e0\n padata_alloc_shell+0x3b/0xa0\n 0xffffffffc040a54d\n cryptomgr_probe+0x43/0xc0\n kthread+0xf6/0x1f0\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38031",
"url": "https://www.suse.com/security/cve/CVE-2025-38031"
},
{
"category": "external",
"summary": "SUSE Bug 1245046 for CVE-2025-38031",
"url": "https://bugzilla.suse.com/1245046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38031"
},
{
"cve": "CVE-2025-38040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mctrl_gpio: split disable_ms into sync and no_sync APIs\n\nThe following splat has been observed on a SAMA5D27 platform using\natmel_serial:\n\nBUG: sleeping function called from invalid context at kernel/irq/manage.c:738\nin_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nirq event stamp: 0\nhardirqs last enabled at (0): [\u003c00000000\u003e] 0x0\nhardirqs last disabled at (0): [\u003cc01588f0\u003e] copy_process+0x1c4c/0x7bec\nsoftirqs last enabled at (0): [\u003cc0158944\u003e] copy_process+0x1ca0/0x7bec\nsoftirqs last disabled at (0): [\u003c00000000\u003e] 0x0\nCPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74\nHardware name: Atmel SAMA5\nWorkqueue: hci0 hci_power_on [bluetooth]\nCall trace:\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x44/0x70\n dump_stack_lvl from __might_resched+0x38c/0x598\n __might_resched from disable_irq+0x1c/0x48\n disable_irq from mctrl_gpio_disable_ms+0x74/0xc0\n mctrl_gpio_disable_ms from atmel_disable_ms.part.0+0x80/0x1f4\n atmel_disable_ms.part.0 from atmel_set_termios+0x764/0x11e8\n atmel_set_termios from uart_change_line_settings+0x15c/0x994\n uart_change_line_settings from uart_set_termios+0x2b0/0x668\n uart_set_termios from tty_set_termios+0x600/0x8ec\n tty_set_termios from ttyport_set_flow_control+0x188/0x1e0\n ttyport_set_flow_control from wilc_setup+0xd0/0x524 [hci_wilc]\n wilc_setup [hci_wilc] from hci_dev_open_sync+0x330/0x203c [bluetooth]\n hci_dev_open_sync [bluetooth] from hci_dev_do_open+0x40/0xb0 [bluetooth]\n hci_dev_do_open [bluetooth] from hci_power_on+0x12c/0x664 [bluetooth]\n hci_power_on [bluetooth] from process_one_work+0x998/0x1a38\n process_one_work from worker_thread+0x6e0/0xfb4\n worker_thread from kthread+0x3d4/0x484\n kthread from ret_from_fork+0x14/0x28\n\nThis warning is emitted when trying to toggle, at the highest level,\nsome flow control (with serdev_device_set_flow_control) in a device\ndriver. At the lowest level, the atmel_serial driver is using\nserial_mctrl_gpio lib to enable/disable the corresponding IRQs\naccordingly. The warning emitted by CONFIG_DEBUG_ATOMIC_SLEEP is due to\ndisable_irq (called in mctrl_gpio_disable_ms) being possibly called in\nsome atomic context (some tty drivers perform modem lines configuration\nin regions protected by port lock).\n\nSplit mctrl_gpio_disable_ms into two differents APIs, a non-blocking one\nand a blocking one. Replace mctrl_gpio_disable_ms calls with the\nrelevant version depending on whether the call is protected by some port\nlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38040",
"url": "https://www.suse.com/security/cve/CVE-2025-38040"
},
{
"category": "external",
"summary": "SUSE Bug 1245078 for CVE-2025-38040",
"url": "https://bugzilla.suse.com/1245078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38040"
},
{
"cve": "CVE-2025-38043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Set dma_mask for ffa devices\n\nSet dma_mask for FFA devices, otherwise DMA allocation using the device pointer\nlead to following warning:\n\nWARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dma_alloc_attrs+0xe0/0x124",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38043",
"url": "https://www.suse.com/security/cve/CVE-2025-38043"
},
{
"category": "external",
"summary": "SUSE Bug 1245081 for CVE-2025-38043",
"url": "https://bugzilla.suse.com/1245081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38043"
},
{
"cve": "CVE-2025-38044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx231xx: set device_caps for 417\n\nThe video_device for the MPEG encoder did not set device_caps.\n\nAdd this, otherwise the video device can\u0027t be registered (you get a\nWARN_ON instead).\n\nNot seen before since currently 417 support is disabled, but I found\nthis while experimenting with it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38044",
"url": "https://www.suse.com/security/cve/CVE-2025-38044"
},
{
"category": "external",
"summary": "SUSE Bug 1245082 for CVE-2025-38044",
"url": "https://bugzilla.suse.com/1245082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38044"
},
{
"cve": "CVE-2025-38045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix debug actions order\n\nThe order of actions taken for debug was implemented incorrectly.\nNow we implemented the dump split and do the FW reset only in the\nmiddle of the dump (rather than the FW killing itself on error.)\nAs a result, some of the actions taken when applying the config\nwill now crash the device, so we need to fix the order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38045",
"url": "https://www.suse.com/security/cve/CVE-2025-38045"
},
{
"category": "external",
"summary": "SUSE Bug 1245083 for CVE-2025-38045",
"url": "https://bugzilla.suse.com/1245083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38045"
},
{
"cve": "CVE-2025-38053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix null-ptr-deref in idpf_features_check\n\nidpf_features_check is used to validate the TX packet. skb header\nlength is compared with the hardware supported value received from\nthe device control plane. The value is stored in the adapter structure\nand to access it, vport pointer is used. During reset all the vports\nare released and the vport pointer that the netdev private structure\npoints to is NULL.\n\nTo avoid null-ptr-deref, store the max header length value in netdev\nprivate structure. This also helps to cache the value and avoid\naccessing adapter pointer in hot path.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000068\n...\nRIP: 0010:idpf_features_check+0x6d/0xe0 [idpf]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x154/0x520\n ? exc_page_fault+0x76/0x190\n ? asm_exc_page_fault+0x26/0x30\n ? idpf_features_check+0x6d/0xe0 [idpf]\n netif_skb_features+0x88/0x310\n validate_xmit_skb+0x2a/0x2b0\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x19d/0x3a0\n __dev_queue_xmit+0xb74/0xe70\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38053",
"url": "https://www.suse.com/security/cve/CVE-2025-38053"
},
{
"category": "external",
"summary": "SUSE Bug 1244746 for CVE-2025-38053",
"url": "https://bugzilla.suse.com/1244746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38053"
},
{
"cve": "CVE-2025-38057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: fix skb leaks\n\nA few error paths are missing a kfree_skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38057",
"url": "https://www.suse.com/security/cve/CVE-2025-38057"
},
{
"category": "external",
"summary": "SUSE Bug 1244862 for CVE-2025-38057",
"url": "https://bugzilla.suse.com/1244862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38057"
},
{
"cve": "CVE-2025-38059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid csum tree\n\n[BUG]\nWhen trying read-only scrub on a btrfs with rescue=idatacsums mount\noption, it will crash with the following call trace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n CPU: 1 UID: 0 PID: 835 Comm: btrfs Tainted: G O 6.15.0-rc3-custom+ #236 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:btrfs_lookup_csums_bitmap+0x49/0x480 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x35b/0x3d0 [btrfs]\n scrub_simple_mirror+0x175/0x290 [btrfs]\n scrub_stripe+0x5f7/0x6f0 [btrfs]\n scrub_chunk+0x9a/0x150 [btrfs]\n scrub_enumerate_chunks+0x333/0x660 [btrfs]\n btrfs_scrub_dev+0x23e/0x600 [btrfs]\n btrfs_ioctl+0x1dcf/0x2f80 [btrfs]\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[CAUSE]\nMount option \"rescue=idatacsums\" will completely skip loading the csum\ntree, so that any data read will not find any data csum thus we will\nignore data checksum verification.\n\nNormally call sites utilizing csum tree will check the fs state flag\nNO_DATA_CSUMS bit, but unfortunately scrub does not check that bit at all.\n\nThis results in scrub to call btrfs_search_slot() on a NULL pointer\nand triggered above crash.\n\n[FIX]\nCheck both extent and csum tree root before doing any tree search.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38059",
"url": "https://www.suse.com/security/cve/CVE-2025-38059"
},
{
"category": "external",
"summary": "SUSE Bug 1244759 for CVE-2025-38059",
"url": "https://bugzilla.suse.com/1244759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38059"
},
{
"cve": "CVE-2025-38060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: copy_verifier_state() should copy \u0027loop_entry\u0027 field\n\nThe bpf_verifier_state.loop_entry state should be copied by\ncopy_verifier_state(). Otherwise, .loop_entry values from unrelated\nstates would poison env-\u003ecur_state.\n\nAdditionally, env-\u003estack should not contain any states with\n.loop_entry != NULL. The states in env-\u003estack are yet to be verified,\nwhile .loop_entry is set for states that reached an equivalent state.\nThis means that env-\u003ecur_state-\u003eloop_entry should always be NULL after\npop_stack().\n\nSee the selftest in the next commit for an example of the program that\nis not safe yet is accepted by verifier w/o this fix.\n\nThis change has some verification performance impact for selftests:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n---------------------------------- ---------------------------- --------- --------- -------------- ---------- ---------- -------------\narena_htab.bpf.o arena_htab_llvm 717 426 -291 (-40.59%) 57 37 -20 (-35.09%)\narena_htab_asm.bpf.o arena_htab_asm 597 445 -152 (-25.46%) 47 37 -10 (-21.28%)\narena_list.bpf.o arena_list_del 309 279 -30 (-9.71%) 23 14 -9 (-39.13%)\niters.bpf.o iter_subprog_check_stacksafe 155 141 -14 (-9.03%) 15 14 -1 (-6.67%)\niters.bpf.o iter_subprog_iters 1094 1003 -91 (-8.32%) 88 83 -5 (-5.68%)\niters.bpf.o loop_state_deps2 479 725 +246 (+51.36%) 46 63 +17 (+36.96%)\nkmem_cache_iter.bpf.o open_coded_iter 63 59 -4 (-6.35%) 7 6 -1 (-14.29%)\nverifier_bits_iter.bpf.o max_words 92 84 -8 (-8.70%) 8 7 -1 (-12.50%)\nverifier_iterating_callbacks.bpf.o cond_break2 113 107 -6 (-5.31%) 12 12 +0 (+0.00%)\n\nAnd significant negative impact for sched_ext:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n----------------- ---------------------- --------- --------- -------------------- ---------- ---------- ------------------\nbpf.bpf.o lavd_init 7039 14723 +7684 (+109.16%) 490 1139 +649 (+132.45%)\nbpf.bpf.o layered_dispatch 11485 10548 -937 (-8.16%) 848 762 -86 (-10.14%)\nbpf.bpf.o layered_dump 7422 1000001 +992579 (+13373.47%) 681 31178 +30497 (+4478.27%)\nbpf.bpf.o layered_enqueue 16854 71127 +54273 (+322.02%) 1611 6450 +4839 (+300.37%)\nbpf.bpf.o p2dq_dispatch 665 791 +126 (+18.95%) 68 78 +10 (+14.71%)\nbpf.bpf.o p2dq_init 2343 2980 +637 (+27.19%) 201 237 +36 (+17.91%)\nbpf.bpf.o refresh_layer_cpumasks 16487 674760 +658273 (+3992.68%) 1770 65370 +63600 (+3593.22%)\nbpf.bpf.o rusty_select_cpu 1937 40872 +38935 (+2010.07%) 177 3210 +3033 (+1713.56%)\nscx_central.bpf.o central_dispatch 636 2687 +2051 (+322.48%) 63 227 +164 (+260.32%)\nscx_nest.bpf.o nest_init 636 815 +179 (+28.14%) 60 73 +13 (+21.67%)\nscx_qmap.bpf.o qmap_dispatch \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38060",
"url": "https://www.suse.com/security/cve/CVE-2025-38060"
},
{
"category": "external",
"summary": "SUSE Bug 1245155 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "external",
"summary": "SUSE Bug 1245156 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-38060"
},
{
"cve": "CVE-2025-38065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: Do not truncate file size\n\n\u0027len\u0027 is used to store the result of i_size_read(), so making \u0027len\u0027\na size_t results in truncation to 4GiB on 32-bit systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38065",
"url": "https://www.suse.com/security/cve/CVE-2025-38065"
},
{
"category": "external",
"summary": "SUSE Bug 1244906 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "external",
"summary": "SUSE Bug 1244907 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-38065"
},
{
"cve": "CVE-2025-38068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38068",
"url": "https://www.suse.com/security/cve/CVE-2025-38068"
},
{
"category": "external",
"summary": "SUSE Bug 1245210 for CVE-2025-38068",
"url": "https://bugzilla.suse.com/1245210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38068"
},
{
"cve": "CVE-2025-38072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibnvdimm/labels: Fix divide error in nd_label_data_init()\n\nIf a faulty CXL memory device returns a broken zero LSA size in its\nmemory device information (Identify Memory Device (Opcode 4000h), CXL\nspec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm\ndriver:\n\n Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm]\n\nCode and flow:\n\n1) CXL Command 4000h returns LSA size = 0\n2) config_size is assigned to zero LSA size (CXL pmem driver):\n\ndrivers/cxl/pmem.c: .config_size = mds-\u003elsa_size,\n\n3) max_xfer is set to zero (nvdimm driver):\n\ndrivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd-\u003ensarea.max_xfer, config_size);\n\n4) A subsequent DIV_ROUND_UP() causes a division by zero:\n\ndrivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */\ndrivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer,\ndrivers/nvdimm/label.c- config_size);\n\nFix this by checking the config size parameter by extending an\nexisting check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38072",
"url": "https://www.suse.com/security/cve/CVE-2025-38072"
},
{
"category": "external",
"summary": "SUSE Bug 1244743 for CVE-2025-38072",
"url": "https://bugzilla.suse.com/1244743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38072"
},
{
"cve": "CVE-2025-38077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()\n\nIf the \u0027buf\u0027 array received from the user contains an empty string, the\n\u0027length\u0027 variable will be zero. Accessing the \u0027buf\u0027 array element with\nindex \u0027length - 1\u0027 will result in a buffer overflow.\n\nAdd a check for an empty string.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38077",
"url": "https://www.suse.com/security/cve/CVE-2025-38077"
},
{
"category": "external",
"summary": "SUSE Bug 1244736 for CVE-2025-38077",
"url": "https://bugzilla.suse.com/1244736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38077"
},
{
"cve": "CVE-2025-38078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix race of buffer access at PCM OSS layer\n\nThe PCM OSS layer tries to clear the buffer with the silence data at\ninitialization (or reconfiguration) of a stream with the explicit call\nof snd_pcm_format_set_silence() with runtime-\u003edma_area. But this may\nlead to a UAF because the accessed runtime-\u003edma_area might be freed\nconcurrently, as it\u0027s performed outside the PCM ops.\n\nFor avoiding it, move the code into the PCM core and perform it inside\nthe buffer access lock, so that it won\u0027t be changed during the\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38078",
"url": "https://www.suse.com/security/cve/CVE-2025-38078"
},
{
"category": "external",
"summary": "SUSE Bug 1244737 for CVE-2025-38078",
"url": "https://bugzilla.suse.com/1244737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38078"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt\u0027s possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38080",
"url": "https://www.suse.com/security/cve/CVE-2025-38080"
},
{
"category": "external",
"summary": "SUSE Bug 1244738 for CVE-2025-38080",
"url": "https://bugzilla.suse.com/1244738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38080"
},
{
"cve": "CVE-2025-38081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi-rockchip: Fix register out of bounds access\n\nDo not write native chip select stuff for GPIO chip selects.\nGPIOs can be numbered much higher than native CS.\nAlso, it makes no sense.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38081",
"url": "https://www.suse.com/security/cve/CVE-2025-38081"
},
{
"category": "external",
"summary": "SUSE Bug 1244739 for CVE-2025-38081",
"url": "https://bugzilla.suse.com/1244739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38081"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-18T12:21:16Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…