Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-53141 (GCVE-0-2024-53141)
Vulnerability from cvelistv5 – Published: 2024-12-06 09:37 – Updated: 2026-05-11 20:51
VLAI
EPSS
Title
netfilter: ipset: add missing range check in bitmap_ip_uadt
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: add missing range check in bitmap_ip_uadt
When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,
the values of ip and ip_to are slightly swapped. Therefore, the range check
for ip should be done later, but this part is missing and it seems that the
vulnerability occurs.
So we should add missing range checks and remove unnecessary range checks.
Severity
7.8 (High)
Assigner
References
11 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
72205fc68bd13109576aa6c4c12c740962d28a6c , < 3c20b5948f119ae61ee35ad8584d666020c91581
(git)
Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 78b0f2028f1043227a8eb0c41944027fc6a04596 (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 2e151b8ca31607d14fddc4ad0f14da0893e1a7c7 (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < e67471437ae9083fa73fa67eee1573fec1b7c8cf (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 7ffef5e5d5eeecd9687204a5ec2d863752aafb7e (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 856023ef032d824309abd5c747241dffa33aae8c (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 591efa494a1cf649f50a35def649c43ae984cd03 (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 15794835378ed56fb9bacc6a5dd3b9f33520604e (git) Affected: 72205fc68bd13109576aa6c4c12c740962d28a6c , < 35f56c554eb1b56b77b3cf197a6b00922d49033d (git) |
|
| Linux | Linux |
Affected:
2.6.39
Unaffected: 0 , < 2.6.39 (semver) Unaffected: 4.19.325 , ≤ 4.19.* (semver) Unaffected: 5.4.287 , ≤ 5.4.* (semver) Unaffected: 5.10.231 , ≤ 5.10.* (semver) Unaffected: 5.15.174 , ≤ 5.15.* (semver) Unaffected: 6.1.120 , ≤ 6.1.* (semver) Unaffected: 6.6.64 , ≤ 6.6.* (semver) Unaffected: 6.11.11 , ≤ 6.11.* (semver) Unaffected: 6.12.2 , ≤ 6.12.* (semver) Unaffected: 6.13 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:46:21.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/ipset/ip_set_bitmap_ip.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3c20b5948f119ae61ee35ad8584d666020c91581",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "78b0f2028f1043227a8eb0c41944027fc6a04596",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "2e151b8ca31607d14fddc4ad0f14da0893e1a7c7",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "e67471437ae9083fa73fa67eee1573fec1b7c8cf",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "7ffef5e5d5eeecd9687204a5ec2d863752aafb7e",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "856023ef032d824309abd5c747241dffa33aae8c",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "591efa494a1cf649f50a35def649c43ae984cd03",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "15794835378ed56fb9bacc6a5dd3b9f33520604e",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
},
{
"lessThan": "35f56c554eb1b56b77b3cf197a6b00922d49033d",
"status": "affected",
"version": "72205fc68bd13109576aa6c4c12c740962d28a6c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/ipset/ip_set_bitmap_ip.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.39"
},
{
"lessThan": "2.6.39",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.325",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.287",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.231",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.174",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.120",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.64",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.13",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.325",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.287",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.231",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.174",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.120",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.64",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.11",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.2",
"versionStartIncluding": "2.6.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13",
"versionStartIncluding": "2.6.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:51:38.968Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3c20b5948f119ae61ee35ad8584d666020c91581"
},
{
"url": "https://git.kernel.org/stable/c/78b0f2028f1043227a8eb0c41944027fc6a04596"
},
{
"url": "https://git.kernel.org/stable/c/2e151b8ca31607d14fddc4ad0f14da0893e1a7c7"
},
{
"url": "https://git.kernel.org/stable/c/e67471437ae9083fa73fa67eee1573fec1b7c8cf"
},
{
"url": "https://git.kernel.org/stable/c/7ffef5e5d5eeecd9687204a5ec2d863752aafb7e"
},
{
"url": "https://git.kernel.org/stable/c/856023ef032d824309abd5c747241dffa33aae8c"
},
{
"url": "https://git.kernel.org/stable/c/591efa494a1cf649f50a35def649c43ae984cd03"
},
{
"url": "https://git.kernel.org/stable/c/15794835378ed56fb9bacc6a5dd3b9f33520604e"
},
{
"url": "https://git.kernel.org/stable/c/35f56c554eb1b56b77b3cf197a6b00922d49033d"
}
],
"title": "netfilter: ipset: add missing range check in bitmap_ip_uadt",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53141",
"datePublished": "2024-12-06T09:37:02.009Z",
"dateReserved": "2024-11-19T17:17:24.997Z",
"dateUpdated": "2026-05-11T20:51:38.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-53141",
"date": "2026-06-19",
"epss": "0.00388",
"percentile": "0.30462"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.6.39\", \"versionEndExcluding\": \"4.19.325\", \"matchCriteriaId\": \"0C7770FA-B486-4531-9A29-FE9BC1D2E0D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.20\", \"versionEndExcluding\": \"6.6.64\", \"matchCriteriaId\": \"D42B3E7C-85DF-4DBF-A6EC-E45F69FF2DCA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.7\", \"versionEndExcluding\": \"6.11.11\", \"matchCriteriaId\": \"21434379-192D-472F-9B54-D45E3650E893\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.12\", \"versionEndExcluding\": \"6.12.2\", \"matchCriteriaId\": \"D8882B1B-2ABC-4838-AC1D-DBDBB5764776\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\\n\\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\\nfor ip should be done later, but this part is missing and it seems that the\\nvulnerability occurs.\\n\\nSo we should add missing range checks and remove unnecessary range checks.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: ipset: agrega comprobaci\\u00f3n de rango faltante en bitmap_ip_uadt Cuando tb[IPSET_ATTR_IP_TO] no est\\u00e1 presente pero tb[IPSET_ATTR_CIDR] existe, los valores de ip e ip_to se intercambian ligeramente. Por lo tanto, la comprobaci\\u00f3n de rango para ip deber\\u00eda realizarse m\\u00e1s tarde, pero esta parte falta y parece que ocurre la vulnerabilidad. Por lo tanto, deber\\u00edamos agregar las comprobaciones de rango faltantes y eliminar las comprobaciones de rango innecesarias.\"}]",
"id": "CVE-2024-53141",
"lastModified": "2024-12-14T21:15:38.550",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2024-12-06T10:15:06.050",
"references": "[{\"url\": \"https://git.kernel.org/stable/c/15794835378ed56fb9bacc6a5dd3b9f33520604e\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/2e151b8ca31607d14fddc4ad0f14da0893e1a7c7\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/35f56c554eb1b56b77b3cf197a6b00922d49033d\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/3c20b5948f119ae61ee35ad8584d666020c91581\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/591efa494a1cf649f50a35def649c43ae984cd03\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/78b0f2028f1043227a8eb0c41944027fc6a04596\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/7ffef5e5d5eeecd9687204a5ec2d863752aafb7e\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/856023ef032d824309abd5c747241dffa33aae8c\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/e67471437ae9083fa73fa67eee1573fec1b7c8cf\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-53141\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-06T10:15:06.050\",\"lastModified\":\"2025-11-03T21:17:30.337\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\\n\\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\\nfor ip should be done later, but this part is missing and it seems that the\\nvulnerability occurs.\\n\\nSo we should add missing range checks and remove unnecessary range checks.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: ipset: agrega comprobaci\u00f3n de rango faltante en bitmap_ip_uadt Cuando tb[IPSET_ATTR_IP_TO] no est\u00e1 presente pero tb[IPSET_ATTR_CIDR] existe, los valores de ip e ip_to se intercambian ligeramente. Por lo tanto, la comprobaci\u00f3n de rango para ip deber\u00eda realizarse m\u00e1s tarde, pero esta parte falta y parece que ocurre la vulnerabilidad. Por lo tanto, deber\u00edamos agregar las comprobaciones de rango faltantes y eliminar las comprobaciones de rango innecesarias.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.39\",\"versionEndExcluding\":\"4.19.325\",\"matchCriteriaId\":\"0C7770FA-B486-4531-9A29-FE9BC1D2E0D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"6.6.64\",\"matchCriteriaId\":\"D42B3E7C-85DF-4DBF-A6EC-E45F69FF2DCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.11\",\"matchCriteriaId\":\"21434379-192D-472F-9B54-D45E3650E893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.12\",\"versionEndExcluding\":\"6.12.2\",\"matchCriteriaId\":\"D8882B1B-2ABC-4838-AC1D-DBDBB5764776\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/15794835378ed56fb9bacc6a5dd3b9f33520604e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2e151b8ca31607d14fddc4ad0f14da0893e1a7c7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/35f56c554eb1b56b77b3cf197a6b00922d49033d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3c20b5948f119ae61ee35ad8584d666020c91581\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/591efa494a1cf649f50a35def649c43ae984cd03\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/78b0f2028f1043227a8eb0c41944027fc6a04596\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7ffef5e5d5eeecd9687204a5ec2d863752aafb7e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/856023ef032d824309abd5c747241dffa33aae8c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e67471437ae9083fa73fa67eee1573fec1b7c8cf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2025:21092-1
Vulnerability from csaf_suse - Published: 2025-11-28 08:19 - Updated: 2025-11-28 08:19Summary
Security update for kernel-livepatch-MICRO-6-0_Update_3
Severity
Important
Notes
Title of the patch: Security update for kernel-livepatch-MICRO-6-0_Update_3
Description of the patch: This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
Patchnames: SUSE-SLE-Micro-6.0-kernel-218
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0_Update_3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:\n\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-218",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21092-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21092-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521092-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21092-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023483.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242882",
"url": "https://bugzilla.suse.com/1242882"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1248672",
"url": "https://bugzilla.suse.com/1248672"
},
{
"category": "self",
"summary": "SUSE Bug 1249537",
"url": "https://bugzilla.suse.com/1249537"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0_Update_3",
"tracking": {
"current_release_date": "2025-11-28T08:19:28Z",
"generator": {
"date": "2025-11-28T08:19:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21092-1",
"initial_release_date": "2025-11-28T08:19:28Z",
"revision_history": [
{
"date": "2025-11-28T08:19:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"product_id": "kernel-livepatch-6_4_0-20-default-16-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-20-default-16-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-20-default-16-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-20-default-16-1.2.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-20-default-16-1.2.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-20-default-16-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-20-default-16-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
}
]
}
SUSE-SU-2025:21093-1
Vulnerability from csaf_suse - Published: 2025-11-28 08:19 - Updated: 2025-11-28 08:19Summary
Security update for kernel-livepatch-MICRO-6-0_Update_4
Severity
Important
Notes
Title of the patch: Security update for kernel-livepatch-MICRO-6-0_Update_4
Description of the patch: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
Patchnames: SUSE-SLE-Micro-6.0-kernel-219
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0_Update_4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:\n\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-219",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21093-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21093-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521093-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21093-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023482.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242882",
"url": "https://bugzilla.suse.com/1242882"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1248672",
"url": "https://bugzilla.suse.com/1248672"
},
{
"category": "self",
"summary": "SUSE Bug 1249537",
"url": "https://bugzilla.suse.com/1249537"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0_Update_4",
"tracking": {
"current_release_date": "2025-11-28T08:19:28Z",
"generator": {
"date": "2025-11-28T08:19:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21093-1",
"initial_release_date": "2025-11-28T08:19:28Z",
"revision_history": [
{
"date": "2025-11-28T08:19:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"product_id": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
}
]
}
SUSE-SU-2025:21107-1
Vulnerability from csaf_suse - Published: 2025-11-28 08:19 - Updated: 2025-11-28 08:19Summary
Security update for kernel-livepatch-MICRO-6-0_Update_4
Severity
Important
Notes
Title of the patch: Security update for kernel-livepatch-MICRO-6-0_Update_4
Description of the patch: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
Patchnames: SUSE-SLE-Micro-6.1-kernel-219
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0_Update_4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:\n\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-219",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21107-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21107-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521107-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21107-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023470.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242882",
"url": "https://bugzilla.suse.com/1242882"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1248672",
"url": "https://bugzilla.suse.com/1248672"
},
{
"category": "self",
"summary": "SUSE Bug 1249537",
"url": "https://bugzilla.suse.com/1249537"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0_Update_4",
"tracking": {
"current_release_date": "2025-11-28T08:19:28Z",
"generator": {
"date": "2025-11-28T08:19:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21107-1",
"initial_release_date": "2025-11-28T08:19:28Z",
"revision_history": [
{
"date": "2025-11-28T08:19:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"product_id": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-14-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-14-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:28Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
}
]
}
SUSE-SU-2025:21116-1
Vulnerability from csaf_suse - Published: 2025-11-28 08:19 - Updated: 2025-11-28 08:19Summary
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
Severity
Important
Notes
Title of the patch: Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
Description of the patch: This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)
Patchnames: SUSE-SLE-Micro-6.1-kernel-209
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0-RT_Update_4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0-RT_Update_4 fixes the following issues:\n\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882)\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778)\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672)\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-209",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21116-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21116-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521116-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21116-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-December/023461.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242882",
"url": "https://bugzilla.suse.com/1242882"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1248672",
"url": "https://bugzilla.suse.com/1248672"
},
{
"category": "self",
"summary": "SUSE Bug 1249537",
"url": "https://bugzilla.suse.com/1249537"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0-RT_Update_4",
"tracking": {
"current_release_date": "2025-11-28T08:19:29Z",
"generator": {
"date": "2025-11-28T08:19:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21116-1",
"initial_release_date": "2025-11-28T08:19:29Z",
"revision_history": [
{
"date": "2025-11-28T08:19:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:29Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:29Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:29Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-22-rt-13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-28T08:19:29Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
}
]
}
SUSE-SU-2025:4161-1
Vulnerability from csaf_suse - Published: 2025-11-22 08:05 - Updated: 2025-11-22 08:05Summary
Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.17 fixes various security issues
The following security issues were fixed:
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).
Patchnames: SUSE-2025-4161,SUSE-SLE-Module-Live-Patching-15-SP6-2025-4161
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.17 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248672).\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1249537).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4161,SUSE-SLE-Module-Live-Patching-15-SP6-2025-4161",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4161-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4161-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254161-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4161-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023331.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242882",
"url": "https://bugzilla.suse.com/1242882"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1248672",
"url": "https://bugzilla.suse.com/1248672"
},
{
"category": "self",
"summary": "SUSE Bug 1249537",
"url": "https://bugzilla.suse.com/1249537"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)",
"tracking": {
"current_release_date": "2025-11-22T08:05:20Z",
"generator": {
"date": "2025-11-22T08:05:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4161-1",
"initial_release_date": "2025-11-22T08:05:20Z",
"revision_history": [
{
"date": "2025-11-22T08:05:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-22T08:05:20Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-22T08:05:20Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-22T08:05:20Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_17-rt-19-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-22T08:05:20Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
}
]
}
SUSE-SU-2025:4170-1
Vulnerability from csaf_suse - Published: 2025-11-23 11:34 - Updated: 2025-11-23 11:34Summary
Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue
The following security issue was fixed:
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).
Patchnames: SUSE-2025-4170,SUSE-SLE-Live-Patching-12-SP5-2025-4170
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4170,SUSE-SLE-Live-Patching-12-SP5-2025-4170",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4170-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4170-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254170-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4170-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023327.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)",
"tracking": {
"current_release_date": "2025-11-23T11:34:32Z",
"generator": {
"date": "2025-11-23T11:34:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4170-1",
"initial_release_date": "2025-11-23T11:34:32Z",
"revision_history": [
{
"date": "2025-11-23T11:34:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_237-default-15-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_237-default-15-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-23T11:34:32Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
}
]
}
SUSE-SU-2025:4171-1
Vulnerability from csaf_suse - Published: 2025-11-23 13:34 - Updated: 2025-11-23 13:34Summary
Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.185 fixes various security issues
The following security issues were fixed:
- CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled (bsc#1250295).
- CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).
Patchnames: SUSE-2025-4171,SUSE-SLE-Module-Live-Patching-15-SP3-2025-4171
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.185 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled (bsc#1250295).\n- CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).\n- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4171,SUSE-SLE-Module-Live-Patching-15-SP3-2025-4171",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4171-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4171-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254171-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4171-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023326.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1250295",
"url": "https://bugzilla.suse.com/1250295"
},
{
"category": "self",
"summary": "SUSE Bug 1251228",
"url": "https://bugzilla.suse.com/1251228"
},
{
"category": "self",
"summary": "SUSE Bug 1251983",
"url": "https://bugzilla.suse.com/1251983"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50388 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50432 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 51 for SUSE Linux Enterprise 15 SP3)",
"tracking": {
"current_release_date": "2025-11-23T13:34:34Z",
"generator": {
"date": "2025-11-23T13:34:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4171-1",
"initial_release_date": "2025-11-23T13:34:34Z",
"revision_history": [
{
"date": "2025-11-23T13:34:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_185-preempt-16-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_185-preempt-16-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_185-preempt-16-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-50388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix multipath crash caused by flush request when blktrace is enabled\n\nThe flush request initialized by blk_kick_flush has NULL bio,\nand it may be dealt with nvme_end_req during io completion.\nWhen blktrace is enabled, nvme_trace_bio_complete with multipath\nactivated trying to access NULL pointer bio from flush request\nresults in the following crash:\n\n[ 2517.831677] BUG: kernel NULL pointer dereference, address: 000000000000001a\n[ 2517.835213] #PF: supervisor read access in kernel mode\n[ 2517.838724] #PF: error_code(0x0000) - not-present page\n[ 2517.842222] PGD 7b2d51067 P4D 0\n[ 2517.845684] Oops: 0000 [#1] SMP NOPTI\n[ 2517.849125] CPU: 2 PID: 732 Comm: kworker/2:1H Kdump: loaded Tainted: G S 5.15.67-0.cl9.x86_64 #1\n[ 2517.852723] Hardware name: XFUSION 2288H V6/BC13MBSBC, BIOS 1.13 07/27/2022\n[ 2517.856358] Workqueue: nvme_tcp_wq nvme_tcp_io_work [nvme_tcp]\n[ 2517.859993] RIP: 0010:blk_add_trace_bio_complete+0x6/0x30\n[ 2517.863628] Code: 1f 44 00 00 48 8b 46 08 31 c9 ba 04 00 10 00 48 8b 80 50 03 00 00 48 8b 78 50 e9 e5 fe ff ff 0f 1f 44 00 00 41 54 49 89 f4 55 \u003c0f\u003e b6 7a 1a 48 89 d5 e8 3e 1c 2b 00 48 89 ee 4c 89 e7 5d 89 c1 ba\n[ 2517.871269] RSP: 0018:ff7f6a008d9dbcd0 EFLAGS: 00010286\n[ 2517.875081] RAX: ff3d5b4be00b1d50 RBX: 0000000002040002 RCX: ff3d5b0a270f2000\n[ 2517.878966] RDX: 0000000000000000 RSI: ff3d5b0b021fb9f8 RDI: 0000000000000000\n[ 2517.882849] RBP: ff3d5b0b96a6fa00 R08: 0000000000000001 R09: 0000000000000000\n[ 2517.886718] R10: 000000000000000c R11: 000000000000000c R12: ff3d5b0b021fb9f8\n[ 2517.890575] R13: 0000000002000000 R14: ff3d5b0b021fb1b0 R15: 0000000000000018\n[ 2517.894434] FS: 0000000000000000(0000) GS:ff3d5b42bfc80000(0000) knlGS:0000000000000000\n[ 2517.898299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 2517.902157] CR2: 000000000000001a CR3: 00000004f023e005 CR4: 0000000000771ee0\n[ 2517.906053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 2517.909930] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 2517.913761] PKRU: 55555554\n[ 2517.917558] Call Trace:\n[ 2517.921294] \u003cTASK\u003e\n[ 2517.924982] nvme_complete_rq+0x1c3/0x1e0 [nvme_core]\n[ 2517.928715] nvme_tcp_recv_pdu+0x4d7/0x540 [nvme_tcp]\n[ 2517.932442] nvme_tcp_recv_skb+0x4f/0x240 [nvme_tcp]\n[ 2517.936137] ? nvme_tcp_recv_pdu+0x540/0x540 [nvme_tcp]\n[ 2517.939830] tcp_read_sock+0x9c/0x260\n[ 2517.943486] nvme_tcp_try_recv+0x65/0xa0 [nvme_tcp]\n[ 2517.947173] nvme_tcp_io_work+0x64/0x90 [nvme_tcp]\n[ 2517.950834] process_one_work+0x1e8/0x390\n[ 2517.954473] worker_thread+0x53/0x3c0\n[ 2517.958069] ? process_one_work+0x390/0x390\n[ 2517.961655] kthread+0x10c/0x130\n[ 2517.965211] ? set_kthread_struct+0x40/0x40\n[ 2517.968760] ret_from_fork+0x1f/0x30\n[ 2517.972285] \u003c/TASK\u003e\n\nTo avoid this situation, add a NULL check for req-\u003ebio before\ncalling trace_block_bio_complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50388",
"url": "https://www.suse.com/security/cve/CVE-2022-50388"
},
{
"category": "external",
"summary": "SUSE Bug 1250293 for CVE-2022-50388",
"url": "https://bugzilla.suse.com/1250293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-23T13:34:34Z",
"details": "important"
}
],
"title": "CVE-2022-50388"
},
{
"cve": "CVE-2022-50432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix use-after-free in __kernfs_remove\n\nSyzkaller managed to trigger concurrent calls to\nkernfs_remove_by_name_ns() for the same file resulting in\na KASAN detected use-after-free. The race occurs when the root\nnode is freed during kernfs_drain().\n\nTo prevent this acquire an additional reference for the root\nof the tree that is removed before calling __kernfs_remove().\n\nFound by syzkaller with the following reproducer (slab_nomerge is\nrequired):\n\nsyz_mount_image$ext4(0x0, \u0026(0x7f0000000100)=\u0027./file0\\x00\u0027, 0x100000, 0x0, 0x0, 0x0, 0x0)\nr0 = openat(0xffffffffffffff9c, \u0026(0x7f0000000080)=\u0027/proc/self/exe\\x00\u0027, 0x0, 0x0)\nclose(r0)\npipe2(\u0026(0x7f0000000140)={0xffffffffffffffff, \u003cr1=\u003e0xffffffffffffffff}, 0x800)\nmount$9p_fd(0x0, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, \u0026(0x7f00000000c0), 0x408, \u0026(0x7f0000000280)={\u0027trans=fd,\u0027, {\u0027rfdno\u0027, 0x3d, r0}, 0x2c, {\u0027wfdno\u0027, 0x3d, r1}, 0x2c, {[{@cache_loose}, {@mmap}, {@loose}, {@loose}, {@mmap}], [{@mask={\u0027mask\u0027, 0x3d, \u0027^MAY_EXEC\u0027}}, {@fsmagic={\u0027fsmagic\u0027, 0x3d, 0x10001}}, {@dont_hash}]}})\n\nSample report:\n\n==================================================================\nBUG: KASAN: use-after-free in kernfs_type include/linux/kernfs.h:335 [inline]\nBUG: KASAN: use-after-free in kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\nBUG: KASAN: use-after-free in __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\nRead of size 2 at addr ffff8880088807f0 by task syz-executor.2/857\n\nCPU: 0 PID: 857 Comm: syz-executor.2 Not tainted 6.0.0-rc3-00363-g7726d4c3e60b #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x6e/0x91 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x5e/0x5e5 mm/kasan/report.c:433\n kasan_report+0xa3/0x130 mm/kasan/report.c:495\n kernfs_type include/linux/kernfs.h:335 [inline]\n kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\n __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\n __kernfs_remove fs/kernfs/dir.c:1356 [inline]\n kernfs_remove_by_name_ns+0x108/0x190 fs/kernfs/dir.c:1589\n sysfs_slab_add+0x133/0x1e0 mm/slub.c:5943\n __kmem_cache_create+0x3e0/0x550 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x167/0x2a0 mm/slab_common.c:335\n p9_client_create+0xd4d/0x1190 net/9p/client.c:993\n v9fs_session_init+0x1e6/0x13c0 fs/9p/v9fs.c:408\n v9fs_mount+0xb9/0xbd0 fs/9p/vfs_super.c:126\n legacy_get_tree+0xf1/0x200 fs/fs_context.c:610\n vfs_get_tree+0x85/0x2e0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x675/0x1d00 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x282/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f725f983aed\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f725f0f7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5\nRAX: ffffffffffffffda RBX: 00007f725faa3f80 RCX: 00007f725f983aed\nRDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000\nRBP: 00007f725f9f419c R08: 0000000020000280 R09: 0000000000000000\nR10: 0000000000000408 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000006 R14: 00007f725faa3f80 R15: 00007f725f0d7000\n \u003c/TASK\u003e\n\nAllocated by task 855:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:437 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:470\n kasan_slab_alloc include/linux/kasan.h:224 [inline]\n slab_post_alloc_hook mm/slab.h:7\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50432",
"url": "https://www.suse.com/security/cve/CVE-2022-50432"
},
{
"category": "external",
"summary": "SUSE Bug 1250851 for CVE-2022-50432",
"url": "https://bugzilla.suse.com/1250851"
},
{
"category": "external",
"summary": "SUSE Bug 1251228 for CVE-2022-50432",
"url": "https://bugzilla.suse.com/1251228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-23T13:34:34Z",
"details": "important"
}
],
"title": "CVE-2022-50432"
},
{
"cve": "CVE-2023-53673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: call disconnect callback before deleting conn\n\nIn hci_cs_disconnect, we do hci_conn_del even if disconnection failed.\n\nISO, L2CAP and SCO connections refer to the hci_conn without\nhci_conn_get, so disconn_cfm must be called so they can clean up their\nconn, otherwise use-after-free occurs.\n\nISO:\n==========================================================\niso_sock_connect:880: sk 00000000eabd6557\niso_connect_cis:356: 70:1a:b8:98:ff:a2 -\u003e 28:3d:c2:4a:7e:da\n...\niso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073\nhci_dev_put:1487: hci0 orig refcnt 17\n__iso_chan_add:214: conn 00000000b6251073\niso_sock_clear_timer:117: sock 00000000eabd6557 state 3\n...\nhci_rx_work:4085: hci0 Event packet\nhci_event_packet:7601: hci0: event 0x0f\nhci_cmd_status_evt:4346: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3107: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560\nhci_conn_unlink:1102: hci0: hcon 000000001696f1fd\nhci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2\nhci_chan_list_flush:2780: hcon 000000001696f1fd\nhci_dev_put:1487: hci0 orig refcnt 21\nhci_dev_put:1487: hci0 orig refcnt 20\nhci_req_cmd_complete:3978: opcode 0x0406 status 0x0c\n... \u003cno iso_* activity on sk/conn\u003e ...\niso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557\nBUG: kernel NULL pointer dereference, address: 0000000000000668\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nRIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth\n==========================================================\n\nL2CAP:\n==================================================================\nhci_cmd_status_evt:4359: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3085: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585\nhci_conn_unlink:1102: hci0: hcon ffff88800c999000\nhci_chan_list_flush:2780: hcon ffff88800c999000\nhci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280\n...\nBUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth]\nRead of size 8 at addr ffff888018ddd298 by task bluetoothd/1175\n\nCPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0xf8/0x180\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n kasan_report+0xa8/0xe0\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n hci_send_acl+0x2d/0x540 [bluetooth]\n ? __pfx___lock_acquire+0x10/0x10\n l2cap_chan_send+0x1fd/0x1300 [bluetooth]\n ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth]\n ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth]\n ? lock_release+0x1d5/0x3c0\n ? mark_held_locks+0x1a/0x90\n l2cap_sock_sendmsg+0x100/0x170 [bluetooth]\n sock_write_iter+0x275/0x280\n ? __pfx_sock_write_iter+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n do_iter_readv_writev+0x176/0x220\n ? __pfx_do_iter_readv_writev+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? selinux_file_permission+0x13e/0x210\n do_iter_write+0xda/0x340\n vfs_writev+0x1b4/0x400\n ? __pfx_vfs_writev+0x10/0x10\n ? __seccomp_filter+0x112/0x750\n ? populate_seccomp_data+0x182/0x220\n ? __fget_light+0xdf/0x100\n ? do_writev+0x19d/0x210\n do_writev+0x19d/0x210\n ? __pfx_do_writev+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0x60/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n ? do_syscall_64+0x6c/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7ff45cb23e64\nCode: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\nRSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53673",
"url": "https://www.suse.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "SUSE Bug 1251763 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "external",
"summary": "SUSE Bug 1251983 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-23T13:34:34Z",
"details": "important"
}
],
"title": "CVE-2023-53673"
},
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_185-default-16-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-23T13:34:34Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
}
]
}
SUSE-SU-2025:4194-1
Vulnerability from csaf_suse - Published: 2025-11-24 10:04 - Updated: 2025-11-24 10:04Summary
Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 12 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 12 SP5)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 4.12.14-122.234 fixes one security issue
The following security issue was fixed:
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).
Patchnames: SUSE-2025-4194,SUSE-SLE-Live-Patching-12-SP5-2025-4194
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 4.12.14-122.234 fixes one security issue\n\nThe following security issue was fixed:\n\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4194,SUSE-SLE-Live-Patching-12-SP5-2025-4194",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4194-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4194-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254194-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4194-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023333.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 12 SP5)",
"tracking": {
"current_release_date": "2025-11-24T10:04:23Z",
"generator": {
"date": "2025-11-24T10:04:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4194-1",
"initial_release_date": "2025-11-24T10:04:23Z",
"revision_history": [
{
"date": "2025-11-24T10:04:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_234-default-19-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_234-default-19-2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_234-default-19-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T10:04:23Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
}
]
}
SUSE-SU-2025:4199-1
Vulnerability from csaf_suse - Published: 2025-11-24 12:33 - Updated: 2025-11-24 12:33Summary
Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.141 fixes various security issues
The following security issues were fixed:
- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882).
Patchnames: SUSE-2025-4199,SUSE-SLE-Module-Live-Patching-15-SP4-2025-4199
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.141 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242882).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4199,SUSE-SLE-Module-Live-Patching-15-SP4-2025-4199",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4199-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4199-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254199-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4199-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023345.html"
},
{
"category": "self",
"summary": "SUSE Bug 1242882",
"url": "https://bugzilla.suse.com/1242882"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1251983",
"url": "https://bugzilla.suse.com/1251983"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP4)",
"tracking": {
"current_release_date": "2025-11-24T12:33:54Z",
"generator": {
"date": "2025-11-24T12:33:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4199-1",
"initial_release_date": "2025-11-24T12:33:54Z",
"revision_history": [
{
"date": "2025-11-24T12:33:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: call disconnect callback before deleting conn\n\nIn hci_cs_disconnect, we do hci_conn_del even if disconnection failed.\n\nISO, L2CAP and SCO connections refer to the hci_conn without\nhci_conn_get, so disconn_cfm must be called so they can clean up their\nconn, otherwise use-after-free occurs.\n\nISO:\n==========================================================\niso_sock_connect:880: sk 00000000eabd6557\niso_connect_cis:356: 70:1a:b8:98:ff:a2 -\u003e 28:3d:c2:4a:7e:da\n...\niso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073\nhci_dev_put:1487: hci0 orig refcnt 17\n__iso_chan_add:214: conn 00000000b6251073\niso_sock_clear_timer:117: sock 00000000eabd6557 state 3\n...\nhci_rx_work:4085: hci0 Event packet\nhci_event_packet:7601: hci0: event 0x0f\nhci_cmd_status_evt:4346: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3107: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560\nhci_conn_unlink:1102: hci0: hcon 000000001696f1fd\nhci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2\nhci_chan_list_flush:2780: hcon 000000001696f1fd\nhci_dev_put:1487: hci0 orig refcnt 21\nhci_dev_put:1487: hci0 orig refcnt 20\nhci_req_cmd_complete:3978: opcode 0x0406 status 0x0c\n... \u003cno iso_* activity on sk/conn\u003e ...\niso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557\nBUG: kernel NULL pointer dereference, address: 0000000000000668\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nRIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth\n==========================================================\n\nL2CAP:\n==================================================================\nhci_cmd_status_evt:4359: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3085: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585\nhci_conn_unlink:1102: hci0: hcon ffff88800c999000\nhci_chan_list_flush:2780: hcon ffff88800c999000\nhci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280\n...\nBUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth]\nRead of size 8 at addr ffff888018ddd298 by task bluetoothd/1175\n\nCPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0xf8/0x180\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n kasan_report+0xa8/0xe0\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n hci_send_acl+0x2d/0x540 [bluetooth]\n ? __pfx___lock_acquire+0x10/0x10\n l2cap_chan_send+0x1fd/0x1300 [bluetooth]\n ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth]\n ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth]\n ? lock_release+0x1d5/0x3c0\n ? mark_held_locks+0x1a/0x90\n l2cap_sock_sendmsg+0x100/0x170 [bluetooth]\n sock_write_iter+0x275/0x280\n ? __pfx_sock_write_iter+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n do_iter_readv_writev+0x176/0x220\n ? __pfx_do_iter_readv_writev+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? selinux_file_permission+0x13e/0x210\n do_iter_write+0xda/0x340\n vfs_writev+0x1b4/0x400\n ? __pfx_vfs_writev+0x10/0x10\n ? __seccomp_filter+0x112/0x750\n ? populate_seccomp_data+0x182/0x220\n ? __fget_light+0xdf/0x100\n ? do_writev+0x19d/0x210\n do_writev+0x19d/0x210\n ? __pfx_do_writev+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0x60/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n ? do_syscall_64+0x6c/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7ff45cb23e64\nCode: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\nRSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53673",
"url": "https://www.suse.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "SUSE Bug 1251763 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "external",
"summary": "SUSE Bug 1251983 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T12:33:54Z",
"details": "important"
}
],
"title": "CVE-2023-53673"
},
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T12:33:54Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_141-default-18-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T12:33:54Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
}
]
}
SUSE-SU-2025:4203-1
Vulnerability from csaf_suse - Published: 2025-11-24 17:39 - Updated: 2025-11-24 17:39Summary
Security update for the Linux Kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP3)
Description of the patch:
This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.182 fixes various security issues
The following security issues were fixed:
- CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled (bsc#1250295).
- CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).
Patchnames: SUSE-2025-4203,SUSE-2025-4204,SUSE-2025-4205,SUSE-SLE-Module-Live-Patching-15-SP3-2025-4203
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.182 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled (bsc#1250295).\n- CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).\n- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4203,SUSE-2025-4204,SUSE-2025-4205,SUSE-SLE-Module-Live-Patching-15-SP3-2025-4203",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4203-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4203-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254203-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4203-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023350.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245778",
"url": "https://bugzilla.suse.com/1245778"
},
{
"category": "self",
"summary": "SUSE Bug 1250295",
"url": "https://bugzilla.suse.com/1250295"
},
{
"category": "self",
"summary": "SUSE Bug 1251228",
"url": "https://bugzilla.suse.com/1251228"
},
{
"category": "self",
"summary": "SUSE Bug 1251983",
"url": "https://bugzilla.suse.com/1251983"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50388 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50432 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP3)",
"tracking": {
"current_release_date": "2025-11-24T17:39:50Z",
"generator": {
"date": "2025-11-24T17:39:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4203-1",
"initial_release_date": "2025-11-24T17:39:50Z",
"revision_history": [
{
"date": "2025-11-24T17:39:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_182-preempt-18-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_182-preempt-18-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_182-preempt-18-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_188-default-15-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_188-preempt-15-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_188-preempt-15-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_188-preempt-15-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_195-default-12-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_195-preempt-12-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_195-preempt-12-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_195-preempt-12-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-50388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix multipath crash caused by flush request when blktrace is enabled\n\nThe flush request initialized by blk_kick_flush has NULL bio,\nand it may be dealt with nvme_end_req during io completion.\nWhen blktrace is enabled, nvme_trace_bio_complete with multipath\nactivated trying to access NULL pointer bio from flush request\nresults in the following crash:\n\n[ 2517.831677] BUG: kernel NULL pointer dereference, address: 000000000000001a\n[ 2517.835213] #PF: supervisor read access in kernel mode\n[ 2517.838724] #PF: error_code(0x0000) - not-present page\n[ 2517.842222] PGD 7b2d51067 P4D 0\n[ 2517.845684] Oops: 0000 [#1] SMP NOPTI\n[ 2517.849125] CPU: 2 PID: 732 Comm: kworker/2:1H Kdump: loaded Tainted: G S 5.15.67-0.cl9.x86_64 #1\n[ 2517.852723] Hardware name: XFUSION 2288H V6/BC13MBSBC, BIOS 1.13 07/27/2022\n[ 2517.856358] Workqueue: nvme_tcp_wq nvme_tcp_io_work [nvme_tcp]\n[ 2517.859993] RIP: 0010:blk_add_trace_bio_complete+0x6/0x30\n[ 2517.863628] Code: 1f 44 00 00 48 8b 46 08 31 c9 ba 04 00 10 00 48 8b 80 50 03 00 00 48 8b 78 50 e9 e5 fe ff ff 0f 1f 44 00 00 41 54 49 89 f4 55 \u003c0f\u003e b6 7a 1a 48 89 d5 e8 3e 1c 2b 00 48 89 ee 4c 89 e7 5d 89 c1 ba\n[ 2517.871269] RSP: 0018:ff7f6a008d9dbcd0 EFLAGS: 00010286\n[ 2517.875081] RAX: ff3d5b4be00b1d50 RBX: 0000000002040002 RCX: ff3d5b0a270f2000\n[ 2517.878966] RDX: 0000000000000000 RSI: ff3d5b0b021fb9f8 RDI: 0000000000000000\n[ 2517.882849] RBP: ff3d5b0b96a6fa00 R08: 0000000000000001 R09: 0000000000000000\n[ 2517.886718] R10: 000000000000000c R11: 000000000000000c R12: ff3d5b0b021fb9f8\n[ 2517.890575] R13: 0000000002000000 R14: ff3d5b0b021fb1b0 R15: 0000000000000018\n[ 2517.894434] FS: 0000000000000000(0000) GS:ff3d5b42bfc80000(0000) knlGS:0000000000000000\n[ 2517.898299] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 2517.902157] CR2: 000000000000001a CR3: 00000004f023e005 CR4: 0000000000771ee0\n[ 2517.906053] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 2517.909930] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 2517.913761] PKRU: 55555554\n[ 2517.917558] Call Trace:\n[ 2517.921294] \u003cTASK\u003e\n[ 2517.924982] nvme_complete_rq+0x1c3/0x1e0 [nvme_core]\n[ 2517.928715] nvme_tcp_recv_pdu+0x4d7/0x540 [nvme_tcp]\n[ 2517.932442] nvme_tcp_recv_skb+0x4f/0x240 [nvme_tcp]\n[ 2517.936137] ? nvme_tcp_recv_pdu+0x540/0x540 [nvme_tcp]\n[ 2517.939830] tcp_read_sock+0x9c/0x260\n[ 2517.943486] nvme_tcp_try_recv+0x65/0xa0 [nvme_tcp]\n[ 2517.947173] nvme_tcp_io_work+0x64/0x90 [nvme_tcp]\n[ 2517.950834] process_one_work+0x1e8/0x390\n[ 2517.954473] worker_thread+0x53/0x3c0\n[ 2517.958069] ? process_one_work+0x390/0x390\n[ 2517.961655] kthread+0x10c/0x130\n[ 2517.965211] ? set_kthread_struct+0x40/0x40\n[ 2517.968760] ret_from_fork+0x1f/0x30\n[ 2517.972285] \u003c/TASK\u003e\n\nTo avoid this situation, add a NULL check for req-\u003ebio before\ncalling trace_block_bio_complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50388",
"url": "https://www.suse.com/security/cve/CVE-2022-50388"
},
{
"category": "external",
"summary": "SUSE Bug 1250293 for CVE-2022-50388",
"url": "https://bugzilla.suse.com/1250293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T17:39:50Z",
"details": "important"
}
],
"title": "CVE-2022-50388"
},
{
"cve": "CVE-2022-50432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix use-after-free in __kernfs_remove\n\nSyzkaller managed to trigger concurrent calls to\nkernfs_remove_by_name_ns() for the same file resulting in\na KASAN detected use-after-free. The race occurs when the root\nnode is freed during kernfs_drain().\n\nTo prevent this acquire an additional reference for the root\nof the tree that is removed before calling __kernfs_remove().\n\nFound by syzkaller with the following reproducer (slab_nomerge is\nrequired):\n\nsyz_mount_image$ext4(0x0, \u0026(0x7f0000000100)=\u0027./file0\\x00\u0027, 0x100000, 0x0, 0x0, 0x0, 0x0)\nr0 = openat(0xffffffffffffff9c, \u0026(0x7f0000000080)=\u0027/proc/self/exe\\x00\u0027, 0x0, 0x0)\nclose(r0)\npipe2(\u0026(0x7f0000000140)={0xffffffffffffffff, \u003cr1=\u003e0xffffffffffffffff}, 0x800)\nmount$9p_fd(0x0, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, \u0026(0x7f00000000c0), 0x408, \u0026(0x7f0000000280)={\u0027trans=fd,\u0027, {\u0027rfdno\u0027, 0x3d, r0}, 0x2c, {\u0027wfdno\u0027, 0x3d, r1}, 0x2c, {[{@cache_loose}, {@mmap}, {@loose}, {@loose}, {@mmap}], [{@mask={\u0027mask\u0027, 0x3d, \u0027^MAY_EXEC\u0027}}, {@fsmagic={\u0027fsmagic\u0027, 0x3d, 0x10001}}, {@dont_hash}]}})\n\nSample report:\n\n==================================================================\nBUG: KASAN: use-after-free in kernfs_type include/linux/kernfs.h:335 [inline]\nBUG: KASAN: use-after-free in kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\nBUG: KASAN: use-after-free in __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\nRead of size 2 at addr ffff8880088807f0 by task syz-executor.2/857\n\nCPU: 0 PID: 857 Comm: syz-executor.2 Not tainted 6.0.0-rc3-00363-g7726d4c3e60b #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x6e/0x91 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x5e/0x5e5 mm/kasan/report.c:433\n kasan_report+0xa3/0x130 mm/kasan/report.c:495\n kernfs_type include/linux/kernfs.h:335 [inline]\n kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\n __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\n __kernfs_remove fs/kernfs/dir.c:1356 [inline]\n kernfs_remove_by_name_ns+0x108/0x190 fs/kernfs/dir.c:1589\n sysfs_slab_add+0x133/0x1e0 mm/slub.c:5943\n __kmem_cache_create+0x3e0/0x550 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x167/0x2a0 mm/slab_common.c:335\n p9_client_create+0xd4d/0x1190 net/9p/client.c:993\n v9fs_session_init+0x1e6/0x13c0 fs/9p/v9fs.c:408\n v9fs_mount+0xb9/0xbd0 fs/9p/vfs_super.c:126\n legacy_get_tree+0xf1/0x200 fs/fs_context.c:610\n vfs_get_tree+0x85/0x2e0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x675/0x1d00 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x282/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f725f983aed\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f725f0f7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5\nRAX: ffffffffffffffda RBX: 00007f725faa3f80 RCX: 00007f725f983aed\nRDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000\nRBP: 00007f725f9f419c R08: 0000000020000280 R09: 0000000000000000\nR10: 0000000000000408 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000006 R14: 00007f725faa3f80 R15: 00007f725f0d7000\n \u003c/TASK\u003e\n\nAllocated by task 855:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:437 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:470\n kasan_slab_alloc include/linux/kasan.h:224 [inline]\n slab_post_alloc_hook mm/slab.h:7\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50432",
"url": "https://www.suse.com/security/cve/CVE-2022-50432"
},
{
"category": "external",
"summary": "SUSE Bug 1250851 for CVE-2022-50432",
"url": "https://bugzilla.suse.com/1250851"
},
{
"category": "external",
"summary": "SUSE Bug 1251228 for CVE-2022-50432",
"url": "https://bugzilla.suse.com/1251228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T17:39:50Z",
"details": "important"
}
],
"title": "CVE-2022-50432"
},
{
"cve": "CVE-2023-53673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: call disconnect callback before deleting conn\n\nIn hci_cs_disconnect, we do hci_conn_del even if disconnection failed.\n\nISO, L2CAP and SCO connections refer to the hci_conn without\nhci_conn_get, so disconn_cfm must be called so they can clean up their\nconn, otherwise use-after-free occurs.\n\nISO:\n==========================================================\niso_sock_connect:880: sk 00000000eabd6557\niso_connect_cis:356: 70:1a:b8:98:ff:a2 -\u003e 28:3d:c2:4a:7e:da\n...\niso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073\nhci_dev_put:1487: hci0 orig refcnt 17\n__iso_chan_add:214: conn 00000000b6251073\niso_sock_clear_timer:117: sock 00000000eabd6557 state 3\n...\nhci_rx_work:4085: hci0 Event packet\nhci_event_packet:7601: hci0: event 0x0f\nhci_cmd_status_evt:4346: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3107: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560\nhci_conn_unlink:1102: hci0: hcon 000000001696f1fd\nhci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2\nhci_chan_list_flush:2780: hcon 000000001696f1fd\nhci_dev_put:1487: hci0 orig refcnt 21\nhci_dev_put:1487: hci0 orig refcnt 20\nhci_req_cmd_complete:3978: opcode 0x0406 status 0x0c\n... \u003cno iso_* activity on sk/conn\u003e ...\niso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557\nBUG: kernel NULL pointer dereference, address: 0000000000000668\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nRIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth\n==========================================================\n\nL2CAP:\n==================================================================\nhci_cmd_status_evt:4359: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3085: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585\nhci_conn_unlink:1102: hci0: hcon ffff88800c999000\nhci_chan_list_flush:2780: hcon ffff88800c999000\nhci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280\n...\nBUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth]\nRead of size 8 at addr ffff888018ddd298 by task bluetoothd/1175\n\nCPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0xf8/0x180\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n kasan_report+0xa8/0xe0\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n hci_send_acl+0x2d/0x540 [bluetooth]\n ? __pfx___lock_acquire+0x10/0x10\n l2cap_chan_send+0x1fd/0x1300 [bluetooth]\n ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth]\n ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth]\n ? lock_release+0x1d5/0x3c0\n ? mark_held_locks+0x1a/0x90\n l2cap_sock_sendmsg+0x100/0x170 [bluetooth]\n sock_write_iter+0x275/0x280\n ? __pfx_sock_write_iter+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n do_iter_readv_writev+0x176/0x220\n ? __pfx_do_iter_readv_writev+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? selinux_file_permission+0x13e/0x210\n do_iter_write+0xda/0x340\n vfs_writev+0x1b4/0x400\n ? __pfx_vfs_writev+0x10/0x10\n ? __seccomp_filter+0x112/0x750\n ? populate_seccomp_data+0x182/0x220\n ? __fget_light+0xdf/0x100\n ? do_writev+0x19d/0x210\n do_writev+0x19d/0x210\n ? __pfx_do_writev+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0x60/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n ? do_syscall_64+0x6c/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7ff45cb23e64\nCode: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\nRSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53673",
"url": "https://www.suse.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "SUSE Bug 1251763 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "external",
"summary": "SUSE Bug 1251983 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T17:39:50Z",
"details": "important"
}
],
"title": "CVE-2023-53673"
},
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_182-default-18-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T17:39:50Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…